To start 2014, HHS OCR issued its first resolution agreement of the year and its first settlement with a county government—signaling that even local and county governments, regardless of size, must safeguard the privacy and security of patient information in compliance with HIPAA. Skagit County, Washington (County), located in northwest Washington with approximately 118,000 residents, … Continue Reading
The Federal Trade Commission (FTC) recently announced that it had settled its data privacy case against medical transcription firm GMR Transcription Services, Inc. (GMR) following allegations that GMR had failed to adequately protect the personal information of its consumers. The consent order signed by the parties is a particularly notable milestone in that it marks … Continue Reading
The Washington Post recently published an article reminding individuals not to tweet or otherwise share information concerning their medical conditions on social media, warning that disclosing such information publicly “is akin to posting your address along with the dates you’ll be away on vacation.” Quoting Jennifer Trussell, who investigates medical identity theft on behalf of … Continue Reading
The U.S. Department of Health and Human Services (HHS) recently published a Final Rule granting patients and their personal representatives access to the patient’s completed laboratory test reports directly from the lab maintaining the information. The Final Rule, published jointly by the Office for Civil Rights (OCR), the Centers for Medicare & Medicaid Services (CMS) … Continue Reading
In this posting: A Look Back at 2013 Antitrust and Competition Policy, Advocacy and Legislative Strategy Development FDA and Life Sciences Privacy and Data Protection Enforcement and Compliance Transactions and Finance Reimbursement, Licensing and Certification Fraud and Abuse Laws Tax-Exempt Organizations Honors and Recognition Was it the number 13? There’s an old superstition about the … Continue Reading
Editor’s Note: This post originally appeared on BakerHostetler’s Data Privacy Monitor blog. HHS Releases Notice of Proposed Rulemaking On January 7, 2014, the U.S. Department of Health and Human Services (HHS) issued a notice of proposed rulemaking (NPRM) for the purpose of modifying the Health Insurance Portability and Accountability Act (HIPAA) to expressly permit certain … Continue Reading
Editor’s Note: This post is a joint submission with BakerHostetler’s Data Privacy Monitor blog. On January 25, 2013, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published the long-awaited HIPAA Omnibus Final Rule (Final Rule), which includes the most sweeping changes to HIPAA since the Privacy and Security Rules were released. … Continue Reading
The Texas Health Services Authority (THSA) recently announced its selection of the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), the most widely adopted information privacy and security framework in the U.S. healthcare industry, to form the basis of the Texas Covered Entity Privacy and Security Certification Program, setting the stage for Texas to become the … Continue Reading