HIPAA covered entities and business associates need to consider how to practically and efficiently track and illustrate compliance should they find an OCR investigator knocking at the door.
Continue Reading Automating HIPAA Compliance Tracking and Audit Preparation
Information Management
OCR Announces HIPAA Audit Program
Today, the Office for Civil Rights formally announced its HIPAA audit plan, with audits commencing in November 2011. A new page on OCR’s website answers some helpful questions for covered entities and business associates, which are summarized in this report.
Continue Reading OCR Announces HIPAA Audit Program
Update: Ninth Circuit to Rehear CFAA Case
As previously discussed, the federal appeals court in San Francisco had reinstated an indictment charging a former employee of Korn/Ferry International, Inc., with violations of the Computer Fraud and Abuse Act, 18 U.S.C. § 1030 (the “CFAA”) for trying to start a business that would compete with his former employer. Now, however, at…
HIPAA Audits to Begin Early 2012
Approximately 150 HIPAA on-site audits are scheduled to begin in early 2012. Covered entities and business associates should be aware of the nature and scope of these audits and what they should be doing to be prepare should they be selected.
Continue Reading HIPAA Audits to Begin Early 2012
Connecticut Attorney General Establishes Privacy Task Force
Newly created Privacy Task Force in Connecticut may lead to increased enforcement.
Continue Reading Connecticut Attorney General Establishes Privacy Task Force
California Strengthens its Data Breach Notification Law
By Joseph J. Lazzarotti on
California tightens its data breach notification requirements.
Continue Reading California Strengthens its Data Breach Notification Law
Illinois Amends Its Data Breach Notification Law and Adds Data Disposal Mandate
By Joseph J. Lazzarotti on
Illinois amends its breach notification law and adds a data disposal mandate.
Continue Reading Illinois Amends Its Data Breach Notification Law and Adds Data Disposal Mandate
In-House Physician’s Disclosure of Employee Medical Information to Management Violates ADA, Court Rules
By Joseph J. Lazzarotti on
On-site health clinics, occupational health clinics, and in-house physicians can be attractive options for businesses that take a comprehensive approach to disability and leave management. However, as one federal district court makes clear, employers need to be mindful of the workplace law risks. This case involves one of those risks – the ADA and its confidentiality requirements.
Continue Reading In-House Physician’s Disclosure of Employee Medical Information to Management Violates ADA, Court Rules
Employers May Consider Applicant’s Bankruptcy When Making Hiring Decision, Eleventh Circuit Rules
By Joseph J. Lazzarotti on
One might think that bankruptcy is a private matter, with little to no bearing on whether one can meet the qualifications for a particular job. As my colleagues report today, the U.S. Court of Appeals for the Eleventh Circuit (with jurisdiction over Alabama, Florida and Georgia) joins its sister Circuits (the Third and Fifth Circuits) in…
HHS’ Office of Inspector General Recommends More HIPAA Audits
Government report says HIPAA enforcement not sufficient to protect electronic health information and recommends more audits. The result may be more “compliance reviews,” audits, for covered entities and business associates.
Continue Reading HHS’ Office of Inspector General Recommends More HIPAA Audits