Click on the titles below to read the full articles.
Whether a covered entity’s notice of a reportable breach or a complaint triggers investigation, OCR reviews the information, or evidence, that it gathers in each case. In some cases, it is determined that the covered entity did not violate the requirements of the Privacy or Security Rule. If the evidence indicates that the covered entity […]
HIPAA is a complex set of rules, and it’s Administrative Simplification regulations are being enforced with greater intensity. But you don’t have to become an expert in privacy, security and breach notification laws and requirements to stay in compliance. What you need is help to implement the required controls, workforce education, proper documentation, and continual […]
Failure to comply with HIPAA can result in civil and criminal penalties (42 USC § 1320d-5). The U.S. Department of Justice (DOJ) clarified who can be held criminally liable under HIPAA. Covered entities, Business Associates and individuals, who “knowingly” obtain or disclose individually identifiable health information in violation of the Administrative Simplification regulations face fines, […]
At the 2014 National HIPAA Summit, Susan McAndrew, Deputy Director of the Health Information Privacy Division, U.S. Department of Health and Human Services Office for Civil Rights (OCR), reported there have been 800 major health care data breaches involving the PHI of 500 or more individuals. These breaches resulted in the exposure of the personal […]