How Does a $16 Million HIPAA Violation Settlement Grab You? HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) has announced the biggest HIPAA violation settlement yet—that is, $16 million, smashing .. read more
Patient Right of Access to Their Charts—Still a Problem Area: HIPAA & HITECH Act Blog by Jonathan P. Tomes
According to a recent study by Yale University School of Medicine, published in JAMA Network Open, covered entities are not providing to patients copies of .. read more
HIPAA and NIST: What’s the Connection? HIPAA & HITECH Act Blog by Jonathan P. Tomes
The National Institute for Standards and Technology [“NIST”] first became involved with HIPAA when it published “An Introductory Resource Guide for Implementing the Health Insurance .. read more
Does the European Union’s General Data Protection Regulation (“GDPR”) Affect You? HIPAA & HITECH Act Blog by Jonathan P. Tomes
The European Union’s General Data Protection Regulation (“GDPR”) protects personal data for European Union (“EU”) residents around the world. Under it, any business or organization, .. read more
California Exempts HIPAA Covered Entities from Its New Consumer Privacy Act: HIPAA & HITECH Act Blog by Jonathan P. Tomes
In June 2018, the California legislature passed the California Consumer Privacy Act (“CCPA”), which was intended to change state law to better protect the privacy .. read more
Another State Fine for a HIPAA Security Breach: HIPAA & HITECH Act Blog by Jonathan P. Tomes
As we’ve previously noted in this blog, the Office for Civil Rights (“OCR”) of the Department of Health and Human Services (“DHHS”), the Federal Trade .. read more
What Will HIPAA Let You Do if You Are Slammed on Social Media? HIPAA & HITECH Act Blog by Jonathan P. Tomes
No matter how good a practitioner you are and how perfectly you handled a particular patient/client health problem, you could certainly end up with a .. read more
Back to School: Time for HIPAA Training for Your Workforce: HIPAA & HITECH Act Blog by Jonathan P. Tomes with Guest Commentator Alice M. McCart
It’s back-to-school time here in America, so it’s time to think about learning what we need to know and, by expansion, training our people in .. read more
Securing EHRs on Mobile Devices—New NIST Guidance: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The single biggest category of DHHS civil money penalties involves loss or theft of EHRs on mobile devices. The only guidance in the Security Rule .. read more
Must You Audit Your Business Associates for HIPAA Compliance? HIPAA & HITECH Act Blog by Jonathan P. Tomes
Now that the HITECH Act and the Omnibus Rule have made covered entities potentially liable for breaches by their business associate, see Compliance Hit: Expanded .. read more