On April 22, 2024, the federal Department of Health and Human Services’ Office for Civil Rights (OCR) announced a final rule enhancing privacy protections relating to reproductive health care. Specifically, the final rule amends the Privacy Rule under the Health Insurance Portability and Accountability Act (HIPAA) to, among other things, establish new limits on the
Privacy
Sanction Policies Can Help Drive Cybersecurity and HIPAA Compliance, OCR Says
Many HIPAA covered entities and business associates struggle with developing and implementing a sanctions policy. What should it say? Is zero tolerance required? Do we have to impose discipline in every case? These are examples of frequent and thorny questions that arise in connection with the development and implementation of these policies. But they are…
OCR Official Speaks About Compliance Concerns for HIPAA Covered Entities and Business Associates
What do ransomware, Yelp, and website tracking technologies all have in common? They are troubling areas of concern for HIPAA covered entities and business associates, according to one official from the federal Office for Civil Rights (OCR), which enforces the HIPAA privacy and security rules. Recently, the Executive Editor of Information Security Media Group’s (ISMG’s)…
Getting Healthcare in 2023 and Beyond…Virtually…and Securely
Much is being written about “remote work” – is it productive, will demand for it continue or be curtailed in a recession, is cybersecurity compromised, does it inhibit workplace culture, collaboration, etc. Lots of questions, few clear answers. Read more at our Workplace Privacy, Data Management & Security Report.
Is your e-PHI Secure? ONC and OCR Update HIPAA Security Risk Assessment Tool
October 2018 marks the 15th annual National Cyber Security Awareness Month. In honor of this occasion, the Office of the National Coordinator for Health Information Technology (ONC) and the HHS Office for Civil Rights (OCR) have jointly launched an updated HIPAA Security Risk Assessment (SRA) Tool to help covered entities and business associates comply…
“Your Own Cybersecurity Is Not Enough”: NJ Physician Practice Fined Over $400,000 for Data Breach Caused By Vendor
New Jersey’s Attorney General Gurbir S. Grewal and the New Jersey Division of Consumer Affairs (“Division”) recently announced that a physician group affiliated with more than 50 South Jersey medical and surgical practices agreed to pay $417,816 and improve data security practices to settle allegations it failed to properly protect the privacy of more than…
Health Apps: Convenience vs. Security Risks
The pace of innovation in healthcare today has produced an amazing increase in the number of available mobile apps for health-related information. More than 300,000 healthcare apps are available online. Our colleagues in the Workplace Privacy, Data Management & Security practice group discuss whether healthcare providers can tap into the available technology of “connectivity” and…
Cybercriminals Often Target Healthcare Providers with Ransomware Attacks
The U.S. Department of Health and Human Services issued guidance on ransomware attack prevention and recovery from a healthcare sector perspective in July 2016. The importance of these measures was highlighted by the recent worldwide “WannaCry” ransomware attack that caused major disruption to the United Kingdom’s National Health Service and cancellation of operations. Learn…
Enterovirus D-68 and Ebola Cases Raise Privacy Concerns for Healthcare Providers and their Workers
The following posting from our colleagues on the Jackson Lewis P.C. website, as part of the Workplace Privacy, Data Management & Security Report, regarding privacy concerns related to Enterovirus and Ebola may be of particular interest to healthcare employers.
Data Breach Notification Deadline Extended 10 Days for Certain Healthcare Providers in California
The following posting from our colleagues on the Jackson Lewis P.C. website, as part of the Workplace Privacy, Data Management & Security Report, regarding data breach notification requirements for healthcare providers in California may be of particular interest.