Tag: protected health information

HIPAA

Misuse of Former Employee’s Login Credentials Leads to $5.5 Million HIPAA Settlement

Memorial Healthcare Systems (MHS) has paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules. MHS has also agreed to implement a robust corrective action plan. MHS is a nonprofit corporation which operates six […]

OCR to Take Closer Look at Smaller HIPAA Breaches

Most Health Insurance Portability and Accountability Act (HIPAA) enforcement has focused on the larger breaches of protected health information (PHI). But the U.S. Department of Health and Human Services (HHS) has not forgotten those incidents that fall below the “major” threshold of 500 individuals.

Record HIPAA Settlement: Advocate Health Care Pays $5.55 Million

Advocate Health Care Network (Advocate) has agreed to pay $5.55 million to settle with the U.S. Department of Health and Human Services, Office for Civil Rights (OCR), multiple potential Health Insurance Portability and Accountability Act (HIPAA) violations involving electronic protected health information (ePHI). This is the largest HIPAA settlement to date against a single entity.

OCR Expects Consistency in HIPAA Breach Response

When investigating a breach of IT network security leading to leakage of protected health information, HHS looks for consistency in the covered entity’s response — with both HIPAA rules and the organization’s own written procedures, according to a former official with HHS’ Office for Civil Rights. OCR tends to “expect a perfect assessment done the […]

HITECH Act compliance deadline is September 23

by Elizabeth A. Diller and James P. McElligott Jr. Employer-sponsored health plans subject to the Health Insurance Portability and Accountability Act (HIPAA) must be in compliance with the final rule under the Health Information Technology for Economic and Clinical Health Act (HITECH Act) and the Genetic Information Nondiscrimination Act of 2008 (GINA) by September 23. […]