Security risk analysis and risk management were among the most acute compliance problems found by the U.S. Department of Health and Human Services (HHS) in its recent desk audits of covered entities under the Health Insurance Portability and Accountability Act (HIPAA).
The Connecticut Supreme Court reinforced an earlier ruling on Health Insurance Portability and Accountability Act (HIPAA) privacy as a standard of care in a second opinion in Byrne v. Avery Center for Obstetrics and Gynecology PC, SC 19873 (Conn., Jan. 16, 2018).
A major renal care provider agreed to $3.5 million to resolve Health Insurance Portability and Accountability Act (HIPAA) privacy and security allegations arising from a series of data breaches at five different facilities over a 5-month span in 2012.
In recent years, more and more employers have implemented wellness programs—employee participation programs that may include wellness education, health or fitness challenges, and even limited medical testing and preventive care requirements—to promote and encourage employee health and wellbeing. Through these programs, they hope to create a healthier workforce and reduce insurance costs.
A federal district court vacated the U.S. Equal Employment Opportunity Commission’s (EEOC) rules on how employers’ wellness programs must comply with the Americans with Disabilities Act (ADA) and Genetic Nondiscrimination Act (GINA).
The Kentucky Court of Appeals recently upheld the termination of a nurse who unintentionally disclosed a patient’s confidential health information while she was conducting a procedure.
HIPAA has become synonymous with medical records privacy, for good reason. Enacted more than 20 years ago, it gives individuals the power to decide who has access to their health records and has forced major changes in the way health care providers, health plans and businesses handle records.
A federal district court remanded the U.S. Equal Employment Opportunity Commission’s (EEOC) wellness program rules, finding it unclear how the rules’ 30% threshold met the Americans with Disabilities Act’s (ADA) requirement that wellness programs be “voluntary.”
A nonprofit health center in Colorado agreed to pay $400,000 to settle Health Insurance Portability and Accountability Act (HIPAA) security allegations after a hacker accessed employees’ e-mail accounts and obtained 3,200 individuals’ protected health information (PHI) in a phishing incident, the U.S. Department of Health and Human Services (HHS) announced April 12.
A recent surge in monetary Health Insurance Portability and Accountability Act (HIPAA) settlements is altering the compliance landscape at a time when new technical and legal challenges also are coming into play, practitioners and regulators told a recent conference.