Tag: HIPAA

Breach Notice Brings $1.5M HIPAA Enforcement Action

A health insurer agreed to pay $1.5 million and adopt a detailed corrective action plan to resolve HIPAA security allegations stemming from a 2009 data breach. This is the first HIPAA enforcement action to result from the breach reports now required by the HITECH Act. Like many data breaches that have been making the news […]

HHS to Step Up HIPAA Privacy Enforcement in ‘Abject Failure’ Cases

The U.S. Department of Health and Human Services (HHS) is refocusing its HIPAA privacy enforcement efforts on seeking monetary penalties in cases of “abject failure” to comply, the head of HHS’ Office for Civil Rights (OCR) indicated. “The majority of matters we handle are going to be resolved through education” as they have in the […]

HHS Delays HIPAA Deadline for ICD-10 Code Sets

Citing concerns from health care providers, federal regulators are delaying the compliance deadline for HIPAA’s ICD-10 code set rules, which had been scheduled for Oct. 1, 2013, the agency announced Feb. 16. “We have heard from many in the provider community who have concerns about the administrative burdens they face in the years ahead,” said […]

Protect Your Data: Identity Thieves Hit from Where You Least Expect

A 39-month prison sentence was handed down Feb. 1 for an Alabama woman who had pleaded guilty to stealing more than 4,000 patient records from a Birmingham hospital. A federal district court sentenced Chelsea Catherine Stewart to 15 months for wrongfully obtaining individual health information in violation of HIPAA, along with an unrelated bank fraud attempt […]

New EFT Standards Issued for Health Plans Paying Claims

A mandatory uniform standard for health plans to pay claims electronically was adopted in rules issued Jan. 5 by the U.S. Department of Health and Human Services (HHS). The rules are designed to help health care providers match payments received with the “remittance advice” transactions that plans are already sending them under an existing HHS […]

Release of Medicare Claims Data Expected to Help Plan Sponsors

The feds’ decision to release Medicare claims data for quality measurement should help employers and individuals alike make more informed decisions down the road, advancing the goals of health care quality and value, a plan sponsor representative noted. Importantly, the Centers for Medicare and Medicaid Services’ (CMS) final rules apparently will allow the selected data […]

DOL Clarifies Mental Health Parity’s Effect on Pre-Authorization

The effect of the Mental Health Parity and Addiction Equity Act (MHPAEA) on prior authorization practices and other “nonquantitative treatment limitations” was clarified Nov. 17 in guidance from the U.S. Department of Labor (DOL). The MHPAEA interim final rules issued in February 2010 imposed a detailed numerical formula for determining whether quantitative limits such as copayments […]

HHS Kicks Off HITECH Privacy Audits

A wave of HIPAA privacy audits far more comprehensive than anything attempted to date was officially launched Nov. 8 by the U.S. Department of Health and Human Services (HHS). While their official purpose is not enforcement, these audits are likely to cast a broader net than HHS scrutiny has to date — including possibly group […]

TRICARE Suffers Texas-sized Data Breach

Stop me if you’ve heard this one — a car is burglarized, and hardware goes missing that turns out to have sensitive personal data on thousands of beneficiaries, employees, patients and customers. Same old story — but in the millions this time. Medical information on nearly 5 million military clinic and hospital patients was on backup […]

Whistleblowing compliance officer: Trouble from within

Your company’s compliance officer — the person to whom you entrusted your confidential business information — alleges you wrongfully terminated her after she tried to prevent you from violating a federal law. This 8th Circuit opinion rules against the whistleblower in a case that is a fine example of internal breakdown handling a compliance complaint, and sparks […]