Court: HIPAA Violations are Grounds for Termination
The Kentucky Court of Appeals recently upheld the termination of a nurse who unintentionally disclosed a patient’s confidential health information while she was conducting a procedure.
Tag: HIPAA
HR’s Top HIPAA Compliance Misconceptions Dispelled
HIPAA has become synonymous with medical records privacy, for good reason. Enacted more than 20 years ago, it gives individuals the power to decide who has access to their health records and has forced major changes in the way health care providers, health plans and businesses handle records.
Court Remands EEOC Wellness Rules, Finding No Support for 30% Threshold
A federal district court remanded the U.S. Equal Employment Opportunity Commission’s (EEOC) wellness program rules, finding it unclear how the rules’ 30% threshold met the Americans with Disabilities Act’s (ADA) requirement that wellness programs be “voluntary.”
Phishing Scam Leads to $400,000 HIPAA Settlement at Colorado Health Center
A nonprofit health center in Colorado agreed to pay $400,000 to settle Health Insurance Portability and Accountability Act (HIPAA) security allegations after a hacker accessed employees’ e-mail accounts and obtained 3,200 individuals’ protected health information (PHI) in a phishing incident, the U.S. Department of Health and Human Services (HHS) announced April 12.
New Bill Regarding EEOC Wellness Rules
By David Slaughter, JD Legislation introduced by a key House Republican would largely negate the U.S. Equal Employment Opportunity Commission’s (EEOC) wellness program rules, which plan sponsors have criticized for adding a duplicative layer of regulation to earlier standards set by other agencies. BLR® Senior Legal Editor David Slaughter, JD, has the facts in today’s […]
HIPAA Experts Highlight Recent ‘Spike’ in Enforcement
A recent surge in monetary Health Insurance Portability and Accountability Act (HIPAA) settlements is altering the compliance landscape at a time when new technical and legal challenges also are coming into play, practitioners and regulators told a recent conference.
No HIPAA Exception for Cybersecurity Information Sharing, HHS Warns
The Health Insurance Portability and Accountability Act’s (HIPAA’s) privacy rule does not exempt the sharing of information on cyber threat indicators, so HIPAA-covered entities and their business associates may not share protected health information (PHI) for this purpose unless HIPAA otherwise allows it, the U.S. Department of Health and Human Services (HHS) warned recently.
OCR to Take Closer Look at Smaller HIPAA Breaches
Most Health Insurance Portability and Accountability Act (HIPAA) enforcement has focused on the larger breaches of protected health information (PHI). But the U.S. Department of Health and Human Services (HHS) has not forgotten those incidents that fall below the “major” threshold of 500 individuals.
Record HIPAA Settlement: Advocate Health Care Pays $5.55 Million
Advocate Health Care Network (Advocate) has agreed to pay $5.55 million to settle with the U.S. Department of Health and Human Services, Office for Civil Rights (OCR), multiple potential Health Insurance Portability and Accountability Act (HIPAA) violations involving electronic protected health information (ePHI). This is the largest HIPAA settlement to date against a single entity.
Recent Big-Ticket HIPAA Settlements Drive Home Need for Organizational Commitment
By David Slaughter, JD, Senior Legal Editor The month of July saw two hospitals reach multimillion-dollar Health Insurance Portability and Accountability Act (HIPAA) privacy and security settlements with the U.S. Department of Health and Human Services (HHS). Each case began with that most mundane of data breaches, the stolen laptop, but once HHS investigators started […]