Ricardo Rivera Cardona of the Puerto Rico Health Insurance Administration, intending to send a message by imposing the largest penalty to date ($6.8 million) arising out of a breach of protected health information under HIPAA, as reported by Infomation Security Media Group, is quoted as saying: We are sending a message that we are here to… Continue Reading
Model HIPAA Notices of Privacy Practices now available for September 23, 2013 compliance date.
Click on the link in this post for high-level compliance roadmap concerning the Omnibus Privacy Rule under HIPAA and HITECH for covered plans, providers and business associates.
Breach involving software upgrade to online application system leads to allegations of HIPAA privacy and security failures, and a $1.7 million settlement payment to HHS.
University’s $400,000 payment to HHS to settle HIPAA compliance allegations highlights critical role of risk assessments, and need for security policies and procedures.
Final HIPAA regulations are out…
Following the mass shootings in Newtown, CT, and Aurora, CO, Office for Civil Rights Director Leon Rodriguez issued a letter on January 15, 2013, reminding covered health care providers about disclosures of protected health information that may be made to avert threats to health and safety. The letter points out, for example, that mental health professionals… Continue Reading
On Monday, the Office for Civil Rights released guidance regarding methods for de-identification of protected health information (PHI) in accordance with the HIPAA Privacy Rule and as required by the American Recovery and Reinvestment Act of 2009. HIPAA covered entities and business associates recognize the increasing risks related to handling "protected health information." One way to reduce these risks… Continue Reading