The 2009 HITECH Act mandated that the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) conduct periodic audits of covered entities and business associates for compliance with HIPAA privacy and security requirements.
When the U.S. Supreme Court decided United States v. Windsor, it declared section 3 of the Defense of Marriage Act (DOMA) to be unconstitutional.
Last Sunday’s New York Times article by Anemona Hartocollis on the illegality of posting baby pictures in a doctor’s office made me wonder if anyone I know could pick my kids’ faces out of a line up of cute newborn photos posted on the wall of a doctor’s office.
The increasing prevalence of mobile technology in the healthcare sector continues to create compliance concerns for physician practices and other health care entities.
Two Months to Amend HIPAA Business Associate Agreements for Omnibus Compliance, but Beware the Bare Bones BAA
Does your business associate agreement (BAA) reflect your business deal, or is it a bare bones HIPAA compliance document?
As reported by HealthcareInfoSecurity.com, a former hospital employee is facing criminal charges brought by federal prosecutors in Texas for alleged violations of the privacy and security requirements under the Health Insurance Portability and Accountability Act (HIPAA).
The recent United States Supreme Court decision in Burwell v. Hobby Lobby Stores, Inc. has attorneys, pundits, policy-makers and businesses (yes, corporations are people, too) pondering big, quintessentially American issues like the free exercise of religion, compelling government interests, and our fundamental right to make money (and, as a corollary issue, what distinguishes for-profit from not-for-profit corporations).
While OCR enforcement activity has focused on a covered entity’s safeguarding of ePHI, organizations cannot forget about PHI in non-electronic form.
$800,000 Medical Records Dumping Settlement: Expensive Reminder That HIPAA Applies to Paper Records, Too
A 2009 incident involving the dumping of 71 boxes of medical records will cost an Indiana-based health system, Parkview Health System, Inc. (“Parkview”), $800,000 for alleged violations of the Health Insurance Portability and Accountability Act (“HIPAA”).
What’s that old saying … “a day late and a dollar short?” Here is our Privacy Monday roundup … on Tuesday.