.

Google       

OR PHONE (866) 635-1838 for Bankruptcy Help, (866) 635-6190 for Divorce,
(866) 635-2689 for Personal Injury or (866) 635-9402 for Criminal Defense

Find a Local Lawyer

Bankruptcy (866) 635-1838
Divorce (866) 635-6190
Personal Injury (866) 635-2689
Criminal Defense (866) 635-9402


Health Law

HIPAA Health Law & Technology HIPAA Health Law & Technology

Legal developments, issues, and other pertinent information relating the creation, use, and exchange of health information. Topics include EHRs and PHRs; HIEs, RHIOs, and EHR networks; privacy and security; breaches; and recent legislation.
By Helen Oscislawski

Post Frequency: 1/day

Last Entry: October 27, 2014 at 16:49:16

Recent Entries: 342

Track this blog ()

Go to HIPAA Health Law & Technology, find other Health Law blogs, or browse all law blogs.

Search
This Blog Only All Blogs

Posts

Medical Device, ?Heal Thyself? from Data Hacking

Posted on October 27, 2014
Innovative health care-related technology and developing telemedicine products have the potential for dramatically changing the way in which health care is accessed. The Federation of State Medical Boards (FSMB) grappled with some of the complexities that arise as information is communicated electronically in connection with the provision of medical care and issued a Model Policy...


Which Privacy Protections Apply? HIPAA, FERPA and Ebola

Posted on October 22, 2014
Recent news articles regarding a New Jersey elementary school?s handling of the enrollment of two new students from Rwanda provided another glimpse of Ebola hysteria and the opportunity for me to follow up on Bill Maruca?s blog about Ebola and HIPAA with yet another (fairly obscure) statutory acronym...


Ebola In The News ? Is Too Much PHI Being Revealed And By Whom?

Posted on October 15, 2014
The names and photos of the late Thomas Eric Duncan and his former nurse Nina Pham are all over news media reports of the first cases of Ebola in the United States. But just how did news outlets learn their identities? Or, as my assistant asked me this morning, ?isn?t this a HIPAA violation?? as...


Cyber-Sleuth or Cyber-Thief? LabMD Case Continues to Expose the Good, the Bad, and the Downright Ugly in Cyber-Security Developments

Posted on October 15, 2014
LabMD, Inc. CEO Michael J. Daugherty continues to doggedly defendLabMD against an action brought bythe Federal Trade Commission (FTC)against LabMD based onSection 5 of the FTC Act. He now has an opportunity to prove himself the ?good guy? following last week?s decision by Chief Administrative Law Judge D...


To access this complete feed in the blog feed reader login or register for free.

Beware of Social Utilities Bearing New Apps Gifts

Posted on October 06, 2014
Michael Coco writes: I have never considered myself to be at the forefront of the newest technology. Those familiar with the Technology Adoption Lifecycle might even classify me as a ?laggard.? For example, I don?t own a Blu-ray player, a first-generation iPod nano controls the music in my car, and the only reason I bought...


?Step Away from that Subpoena? and Review HIPAA Obligations Before Producing PHI

Posted on October 01, 2014
If you receive a subpoena, discovery request, or even a court order demanding the release or production of documents or files that may contain protected health information (PHI), are you obligated to comply? The surprising answer, in many cases, is ?no?...


Countdown to September 22nd ? Shortcuts for Business Associate Agreement Compliance

Posted on September 09, 2014
The deadline for executing a HIPAA Omnibus Rule-compliant Business Associate Agreement (BAA) looms just 2 short weeks from today. What can a busy covered entity (CE) or business associate (BA) do quickly to show HHS (let alone its business partners/contractors) that it wants and fully intends to comply with the new requirements? Here are3 shortcuts...


Is that Cute Baby Photo Really PHI? Calming the HIPAA Hullabaloo

Posted on August 14, 2014
Last Sunday?s New York Times article by Anemona Hartocollis on the illegality of posting baby pictures in a doctor?s office made me wonder if anyone I know could pick my kids’ facesout of a line up of cute newborn photos postedon the wall of a doctor?s office...


The Parade of Major Reported PHI Breaches Surges to 885 ? Theft and Loss Dominate the Numbers

Posted on July 30, 2014
The number of large breaches of Protected Health Information (PHI) under HIPAA that have been reported on the so-called ?Wall of Shame? (the HHS List) maintained by the U.S. Department of Health and Human Services has jumped by 239 to 885 in less than a year...


Two Months to Amend HIPAA Business Associate Agreements for Omnibus Compliance, But Beware the Bare Bones BAA

Posted on July 22, 2014
Does your business associate agreement (BAA) reflect your business deal, or is it a bare bones HIPAA compliance document? Now is the time to check. The HIPAA ?Omnibus Rule? published in January of 2013 gave covered entities, business associates, and subcontractors until September 22, 2014 to make their business associate agreements (BAAs) compliant, so use...


Hobby Lobby, HIPAA and Happy Independence Day

Posted on July 03, 2014
The recent United States Supreme Court decisioninBurwell v. Hobby Lobby Stores, Inc. has attorneys, pundits, policy-makers and businesses (yes, corporations are people, too) pondering big, quintessentially American issues like the free exercise of religion, compelling government interests, and our fundamental right to make money (and, as a corollary issue, what distinguishes for-profit from not-for-profit corporations)...


Paper Records HIPAA Violation Results in $800,000 Payment under HHS Resolution Agreement

Posted on June 29, 2014
My partner Elizabeth Litten was quoted at length by Alexis Kateifides in his recent article in DataGuidance entitled ?USA: ‘Unique’ HIPAA violation results in $800,000 settlement? While the full text can be found in the June 26, 2014 article in DataGuidance...


PHI Data Breaches just went from Bad Dream to Nightmare in West Virginia

Posted on June 13, 2014
Michael Cocowrites: The dreaded PHI data breach is every covered entity?s bad dream, but the West Virginia Supreme Court just turned that bad dream into a nightmare. The court decided a case, Tabata v. Charleston Area Medical Center, Inc., brought on behalf of thousands of patients requesting class certification to sue the medical center for...


Risky (Health Care) Business: Disclosure of FTC Data Security Enforcement Potential to Investors and Other Third Parties

Posted on June 09, 2014
Readers of this blog know that we have been tracking the FTC?s recent data security enforcement activities with a particular focus on the FTC v. LabMD case. As reported by Cause of Action, a nonprofit organization involved in the defense of LabMD, the LabMD trial was put on hold on May 30, 2014 until June...


Will Unearthing the FTC?s Data Security Standards Help the Health Care Industry?

Posted on May 07, 2014
As a regulatory lawyer, I frequently find myself parsing words and phrases crafted by legislators and agencies that, all too often, are frustratingly vague or contradictory when applied to a particular real-world and perhaps unanticipated (at the time of drafting) scenario...


Unencrpyted Laptops Prove Costly

Posted on April 24, 2014
Is the PHI on all your mobile devices encrypted? If not, here?s another two million reasons to make encryption your top priority. The Office of Civil Rights (OCR) of the Department of Health and Human Services announced on April 22, 2014 that they had imposed nearly $2 million in penalties on two entities as a...


When the Long Arm of HIPAA Reaches into Mergers, Acquisitions and Asset Sales of Health Care Practices

Posted on April 18, 2014
Michael J. Coco writes: If you have ever bought or sold a business, or you have experience with the process, you are aware of the due diligence efforts and multiple agreements required to close the deal. Transactions involving the sale or purchase of health care related business, such as a medical practice, often take the...


Wild West Data Breach Sheriff Wins a Round Back East

Posted on April 16, 2014
LabMD is not the only company that has tried to buck the FTC?s assertion of authority over data security breaches. Wyndham Worldwide Corp. has spent the past year contesting the FTC?s authority to pursue enforcement actions based upon companies? alleged ?unfair? or ?unreasonable? data security practices...


The Wild West of Data Breach Enforcement by the Feds

Posted on March 18, 2014
Imagine you have completed your HIPAA risk assessment and implemented a robust privacy and security plan designed to meet each criteria of the Omnibus Rule. You think that, should you suffer a data breach involving protected health information as defined under HIPAA (PHI), you can show the Secretary of the Department of Health and Human...


HHS Enforces Against County Government in Washington State

Posted on March 11, 2014
Last week?s Resolution Agreement between the US Department of Health and Human Services, Office for Civil Rights (?HHS?) and a small county in Washington State marks the first time HHS has settled an action against a county government for noncompliance with the Privacy and Security Rules under HIPAA (the ?HIPAA Rules?)...


More on Considerations for Entering into or Revising Business Associate Agreements

Posted on February 26, 2014
My partner Elizabeth Litten and I were interviewed by Marla Durben Hirsch for her recent article in Medical Practice Compliance Alert entitled ?Evaluate Relationships Before Signing Business Associate Agreements.? While the full text can be found in the February 3, 2014 issue of Medical Practice Compliance Alert, the following considerations are based upon points discussed...


Puerto Rico Raises a High Bar for Fines Levied for PHI Breaches

Posted on February 24, 2014
My partner Bill Maruca was quoted in Jeff Overley?s article ?Historic HIPAA Fine Will Push Feds To Get Tougher? published in Law360 on Friday, February 20, 2014. The article reports on the nearly $7 million fine imposed by the Puerto Rico Health Insurance Administration onacontractor, health plan Triple-S Salud Inc...


?Boilerplate? Provisions in Business Associate Agreements Warrant Attention

Posted on January 28, 2014
Michael J. Coco writes: The expanded requirements under the HIPAA Omnibus Rule for a Business Associate Agreement (?BAA?) has created an increase in volume and the need for analysis of such agreements, as individuals in industries traditionally unrelated to health care ? such as IT vendors ?find themselves confronting issues respecting a BAA...


HIPAA Compliance Trends for 2014

Posted on January 22, 2014
My partner Elizabeth Litten and I were interviewed by Marla Durben Hirsch forher Medical Practice Compliance Alert article ?HIPAA, ICD-10 Among 6 Compliance Trends That Will Affect You in 2014.? While the full text can be found in the January 6, 2014 issue of Medical Practice Compliance Alert, a synopsis is noted below...


Springing, Shifting, and Slip-Sliding Business Associate Agreements

Posted on January 17, 2014
What do you do if you have signed a Business Associate Agreement (BAA) with a covered entity, but are getting protected health information (PHI) from the covered entity in conjunction with health care treatment you provide to the individual? What if another covered entity provider has contracted with you to provide services to that provider?s...


HIPAA Failure Results In Penalties: Lack of Compliance the Key

Posted on January 07, 2014
Our partner Keith McMurdy posted this analysis of a recent HIPAA settlement involving a physician practice on our Employee Benefits Legal Blog: HIPAA Failure Results In Penalties: Lack of Compliance the Key By Keith R. McMurdy on January 1, 2014Posted in Plan Administration, Welfare Plans Often, when I am discussing HIPAA privacy compliance, I am...


Avoiding a HIPAA Identity Crisis in 2014

Posted on December 27, 2013
Who you are makes a big difference in how and whether you must protect individually identifiable health information under HIPAA. As we near the end of 2013, I look back at the events of the past year and am struck by the breadth and complexity of the issues we have written about on this blog...


Complex New Healthcare Relationships Create New Challenges in Electronic Health Records

Posted on December 22, 2013
My partner Elizabeth G. Litten and I were interviewed by Marla Durben Hirsch in the FierceEMR article “Healthcare Attorneys: New Business Relationships Will Create New EHR Problems.” It is always a pleasure for us to talk with Marla because she provokes our thinking in new areas...


OCR Gets Coal in its Stocking from OIG

Posted on December 05, 2013
Who watches the watchdogs to ensure they?re not sleeping on the job? The Office of Inspector General (OIG) of the Department of Health and Human Services has published a report of its review of the Office of Civil Rights? HIPAA/HITECH Security Rule oversight efforts, and some of the findings are not pretty...


The Parade of PHI Security Breaches: Why Did it Take Two Years for the Status of Minne-Tohe Health Center as a Marcher to be Disclosed?

Posted on October 29, 2013
It is noteworthy that there are often substantial delays in disclosures regarding covered entities (?CEs?) that have become marchers in the Parade of large Protected Health Information (?PHI?) security breaches under HIPAA. This is the case even though the PHI breach notification rule requires that, when a PHI breach affects 500 or more individuals (a...


Next
Bloggers, promote your law blog by nominating your blog for inclusion in USLaw.com's Law Blog Directory and RSS Reader. Benefits described.
Related Law Bulletins

Related Law Articles

is===1
Related Law Questions

Related Searches
















US Law
#1 Online Legal Resource













Your Blog Subscriptions
Subscribe to blogs

10,000+ Law Job Listings
Lawyer . Police . Paralegal . Etc
Earn a law-related degree
Are you the author of this blog? Adding USLaw.com to your Blogroll increases relevance. You qualify to display a USLaw Network badge.
Suggest changes to this blog's description or nominate another for inclusion. Register for updates.


Practice Area
Zip Code:

Contact a Lawyer Now!










is===1