OCR Archives - Page 3 of 8 - Veterans Press, Inc.

How Does a $16 Million HIPAA Violation Settlement Grab You? HIPAA & HITECH Act Blog by Jonathan P. Tomes

The Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) has announced the biggest HIPAA violation settlement yet—that is, $16 million, smashing .. read more

On October 28th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach, breach notification, compliance, data breach, HHS, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA policies, HIPAA training, HIPAA violation, HIPAA violation settlement, HITECH, HITECH Act, identity theft, Jonathan P. Tomes, OCR, risk analysis, Security Rule

Patient Right of Access to Their Charts—Still a Problem Area: HIPAA & HITECH Act Blog by Jonathan P. Tomes

According to a recent study by Yale University School of Medicine, published in JAMA Network Open, covered entities are not providing to patients copies of .. read more

On October 22nd, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, business associate, compliance, HHS, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA right of access, HIPAA violation, HITECH, Jonathan P. Tomes, OCR, Office for Civil Rights, PHI, Privacy Rule, right of access

California Exempts HIPAA Covered Entities from Its New Consumer Privacy Act: HIPAA & HITECH Act Blog by Jonathan P. Tomes

In June 2018, the California legislature passed the California Consumer Privacy Act (“CCPA”), which was intended to change state law to better protect the privacy .. read more

On September 30th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, business associate, California Consumer Privacy Act, CCPA, compliance, consumer privacy act, HHS, HIPAA, HIPAA compliance, HIPAA training, HIPAA violation, HITECH Act, Jonathan P. Tomes, OCR, Omnibus Rule, PHI, Privacy Rule, private right of action, Security Rule

Another State Fine for a HIPAA Security Breach: HIPAA & HITECH Act Blog by Jonathan P. Tomes

As we’ve previously noted in this blog, the Office for Civil Rights (“OCR”) of the Department of Health and Human Services (“DHHS”), the Federal Trade .. read more

On September 12th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach notification, compliance, criminal conviction, criminal HIPAA violation, data breach, EHR, EPHI, HHS, HHS audit, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA policies, HIPAA training, HITECH, HITECH Act, Jonathan P. Tomes, OCR, PHI, risk analysis, Security Rule, state fine for HIPAA security breach

What Will HIPAA Let You Do if You Are Slammed on Social Media? HIPAA & HITECH Act Blog by Jonathan P. Tomes

No matter how good a practitioner you are and how perfectly you handled a particular patient/client health problem, you could certainly end up with a .. read more

On September 3rd, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, compliance, criminal HIPAA violation, HHS, HIPAA, HIPAA social media, HIPAA training, HIPAA violation, HITECH, Jonathan P. Tomes, mental and behavioral health, OCR, OCR investigation, PHI, social media

OCR Encourages Covered Entities to Perform a Gap Analysis: HIPAA & HITECH Act Blog by Jonathan P. Tomes

We at EMR Legal and Veterans Press have been encouraging our clients and customers to perform a gap analysis since shortly after HIPAA became law .. read more

On July 22nd, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, audit, business associate, compliance, EHR, emr, EPHI, gap analysis, HHS, HIPAA, HIPAA compliance, HIPAA policies, HITECH Act, Jonathan P. Tomes, Notice of Privacy Practices, OCR, Office for Civil Rights, PHI, risk analysis, Security Rule

DHHS Issues New Guidance on HIPAA and Individual Authorization of Uses and Disclosures of PHI for Research: HIPAA & HITECH Act Blog by Jonathan P. Tomes

The U.S. Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) has issued new guidance for HIPAA-covered entities to streamline HIPAA authorizations .. read more

On July 15th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, authorization, compliance, disclosures, EHR, EPHI, HHS, HIPAA, HIPAA compliance, HIPAA policies, HIPAA right of access, Jonathan P. Tomes, OCR, Office for Civil Rights, PHI, PHI in research, research, uses for research

DHHS Issues Reminder to Address Physical Security, Particularly Workstation Security: HIPAA & HITECH Act Blog by Jonathan P. Tomes

In May 2018, the U.S. Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) issued its Cybersecurity Newsletter, “Workstation Security: Don’t Forget .. read more

On July 8th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, compliance, encryption, EPHI, HHS, HIPAA, HIPAA compliance, HIPAA policies, HIPAA training, HIPAA violation, HITECH, HITECH Act, Jonathan P. Tomes, OCR, Office for Civil Rights, PHI, physical security, risk analysis, Security Rule, workstation security

Biggest HIPAA Civil Money Penalty Yet—How Does $5.5 Million Sound? HIPAA & HITECH Act Blog by Jonathan P. Tomes

Memorial Healthcare System (“MHS”) settled with the U.S. Department of Health and Human Services (“DHHS”) for $5.5 million for potential violations of the Health Insurance .. read more

Sample Release of PHI to Clergy Policy Posted in Premium Member Section: HIPAA & HITECH Act Blog by Jonathan P. Tomes

As I discussed in my December 21, 2017, blog post, which included a new Sample Media Policy, and my November 28, 2017, post regarding the .. read more

On January 7th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: compliance, Hands-on HIPAA Workshop, HIPAA compliance, HIPAA policies, HIPAA right of access, HIPAA training, HIPAA violation, HIPAA-Hysteria, HITECH, Jonathan P. Tomes, mental and behavioral health, Notice of Privacy Practices, OCR, Office for Civil Rights, PHI, privacy, Privacy Rule, release of PHI to clergy, risk analysis