Memorial Healthcare Systems (MHS) has paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules. MHS has also agreed to implement a robust corrective action plan. MHS is a nonprofit corporation which operates six […]
Tag: protected health information
Question: Are payroll deductions for employee medical plan coverage considered protected health information (PHI) under HIPAA regulations?
Most Health Insurance Portability and Accountability Act (HIPAA) enforcement has focused on the larger breaches of protected health information (PHI). But the U.S. Department of Health and Human Services (HHS) has not forgotten those incidents that fall below the “major” threshold of 500 individuals.
Advocate Health Care Network (Advocate) has agreed to pay $5.55 million to settle with the U.S. Department of Health and Human Services, Office for Civil Rights (OCR), multiple potential Health Insurance Portability and Accountability Act (HIPAA) violations involving electronic protected health information (ePHI). This is the largest HIPAA settlement to date against a single entity.
When investigating a breach of IT network security leading to leakage of protected health information, HHS looks for consistency in the covered entity’s response — with both HIPAA rules and the organization’s own written procedures, according to a former official with HHS’ Office for Civil Rights. OCR tends to “expect a perfect assessment done the […]
by Elizabeth A. Diller and James P. McElligott Jr. Employer-sponsored health plans subject to the Health Insurance Portability and Accountability Act (HIPAA) must be in compliance with the final rule under the Health Information Technology for Economic and Clinical Health Act (HITECH Act) and the Genetic Information Nondiscrimination Act of 2008 (GINA) by September 23. […]