With ongoing changes in the threat ecosystem and regulatory climate, employers need to be looking beyond the Health Insurance Portability and Accountability Act (HIPAA) and other traditional breach laws to prioritize the organization’s critical knowledge assets, according to data security attorneys who spoke at a recent American Bar Association (ABA) conference.
Tag: breach notification
A Rhode Island health system’s $400,000 settlement of a federal Health Insurance Portability and Accountability Act (HIPAA)enforcement action illustrates the importance of keeping business associate agreements (BAAs) up to date when circumstances or regulations change.
By David Slaughter, JD, Senior Legal Editor The month of July saw two hospitals reach multimillion-dollar Health Insurance Portability and Accountability Act (HIPAA) privacy and security settlements with the U.S. Department of Health and Human Services (HHS). Each case began with that most mundane of data breaches, the stolen laptop, but once HHS investigators started […]
As the transition period for amending business associate agreements draws to a close, HIPAA experts have highlighted some issues for plan sponsors to keep in mind. Under last year’s HIPAA/HITECH omnibus rules, all contracts with business associates must be compliant with the rules by Sept. 22. Obviously, group health plans and other HIPAA-covered entities that […]
Does your organization offer or plan to offer employees online or electronic personal health records (PHRs)? Can employees enter their personal health information into online programs that help them evaluate and improve their health, such as weight loss applications? If you’ve answered yes or if your organization provides electronic PHR programs to others, you should […]