Tag: HIPAA

CareFirst Is Latest Insurer to Suffer Major Cyberattack

CareFirst BlueCross BlueShield has become the latest major health insurer to acknowledge having suffered a large-scale cyberattack on its member data. Information on about 1.1 million individuals was affected by the breach, which CareFirst discovered during an information technology security review conducted in the wake of the attacks on Anthem and Premera. In June 2014, […]

What is ERISA?

ERISA stands for the Employee Retirement Income Security Act of 1974. In short, this is the federal law that creates standards for retirement, health, and pension plans. Even though such plans are typically set up privately, employers that opt to offer them have an obligation to meet the requirements under ERISA when implementing their plans. […]

Employee personal information – the gift you don’t want to give this Christmas

You may have heard the news of the monumental data hack on Sony late last month, where several personal e-mails, rough cuts of movies, and screenplays were obtained and released without the media giant’s authorization. According to several news outlets, the e-mails in particular reveal personal gripes about certain celebrities (shocker!) and have raised allegations […]

Last-minute Tips for Amending HIPAA Business Associate Contracts

As the transition period for amending business associate agreements draws to a close, HIPAA experts have highlighted some issues for plan sponsors to keep in mind. Under last year’s HIPAA/HITECH omnibus rules, all contracts with business associates must be compliant with the rules by Sept. 22. Obviously, group health plans and other HIPAA-covered entities that […]

Plan Identifier Rules Not Written for Self-funded Plans

With the HIPAA deadline for obtaining a health plan identifier less than two months away, plan sponsors have encountered major problems trying to get one — if they’ve started at all, according to a poll conducted by the ERISA Industry Committee. “ERIC’s members are really struggling with the requirements for health plan identifiers,” said Gretchen […]

Health Insurer Employee Pleads Guilty to SSN Theft

A former employee of a Massachusetts-based health insurer pleaded guilty to one count of illegal disclosure of Social Security numbers, after federal prosecutors alleged she stole plan members’ SSNs and other personal identifying information as part of a scheme to defraud the government. Emeline Lubin faces a possible prison sentence of up to five years […]

OCR Expects Consistency in HIPAA Breach Response

When investigating a breach of IT network security leading to leakage of protected health information, HHS looks for consistency in the covered entity’s response — with both HIPAA rules and the organization’s own written procedures, according to a former official with HHS’ Office for Civil Rights. OCR tends to “expect a perfect assessment done the […]

CMS Describes Coverage Opt-out Process for State & Local Plans

The new electronic process for self-funded non-federal governmental plans to opt out of certain HIPAA-related coverage requirements was detailed in guidance from the Centers for Medicare and Medicaid Services. Opt-out elections must be submitted through the Non-Federal Governmental Plans Module in the Health Insurance Oversight System, according to the July 21 memorandum from Mandy Cohen, […]

Employers, Employees Increasingly at Odds Over Wellness Incentives

As employers continue to ramp up their use of wellness incentives, employee resistance also is on the rise, recent studies suggest. While wellness programs in general enjoy broad public support (76 percent of respondents), a majority (62 percent) oppose requiring employees to pay more for health coverage if they do not participate, according to a […]

Preventing Employee Data Leaks Requires Proper Safeguards

Reducing the risk of data breaches requires assessing your company’s vulnerabilities, then addressing them with policies, procedures, training and agreements. The media tend to focus on external hackers, but “the real culprits for most of our clients are internal,” according to employment law attorney Robert Fitzpatrick. Employee data breaches can be classified into the deliberate and […]