Tag: HHS

COVID Vaccines: When is Employee’s Vaccination Status HIPAA-protected?

Whether an employee’s COVID-19 vaccination status is protected by the Health Insurance Portability and Accountability Act (HIPAA) has been (or should be) on the minds of all HR personnel as of late. That’s especially true as we await the Occupational Safety and Health Administration’s (OSHA) impending rule that will likely require employers with 100 or more employees […]

How Pandemic, Political Shifts have Affected Affordable Care Act

Pandemic-related and political shifts regarding Section 1557 of the Affordable Care Act (ACA), the part that prohibits employer discrimination, have occurred over the last few years. Read on to learn what you need to know about (1) long-haul COVID-19 and disability discrimination and (2) the Biden administration’s approach to gender discrimination.

HIPAA

HHS Withdraws Rules for Certifying Compliance with HIPAA Transaction Standards

The U.S. Department of Health and Human Services (HHS) withdrew a proposed rule that would have required health plans, including employer group health plans, to certify compliance with the Health Insurance Portability and Accountability Act (HIPAA) transaction standards or face potentially stiff penalties.

phishing

Phishing Scam Leads to $400,000 HIPAA Settlement at Colorado Health Center

A nonprofit health center in Colorado agreed to pay $400,000 to settle Health Insurance Portability and Accountability Act (HIPAA) security allegations after a hacker accessed employees’ e-mail accounts and obtained 3,200 individuals’ protected health information (PHI) in a phishing incident, the U.S. Department of Health and Human Services (HHS) announced April 12.

No HIPAA Exception for Cybersecurity Information Sharing, HHS Warns

The Health Insurance Portability and Accountability Act’s (HIPAA’s) privacy rule does not exempt the sharing of information on cyber threat indicators, so HIPAA-covered entities and their business associates may not share protected health information (PHI) for this purpose unless HIPAA otherwise allows it, the U.S. Department of Health and Human Services (HHS) warned recently.