Whether a covered entity’s notice of a reportable breach or a complaint triggers investigation, OCR reviews the information, or evidence, that it gathers in each case. In some cases, it is determined that the covered entity did not violate the … Read more..
HIPAA is a complex set of rules, and it’s Administrative Simplification regulations are being enforced with greater intensity. But you don’t have to become an expert in privacy, security and breach notification laws and requirements to stay in compliance. What … Read more..
Failure to comply with HIPAA can result in civil and criminal penalties (42 USC § 1320d-5). The U.S. Department of Justice (DOJ) clarified who can be held criminally liable under HIPAA. Covered entities, Business Associates and individuals, who “knowingly” obtain … Read more..
At the 2014 National HIPAA Summit, Susan McAndrew, Deputy Director of the Health Information Privacy Division, U.S. Department of Health and Human Services Office for Civil Rights (OCR), reported there have been 800 major health care data breaches involving the … Read more..