Author: Sumaya M. Noush (page 1 of 5)

$500,000 Settlement for Failure to Comply with Basic HIPAA Compliance Requirements

Share

Advanced Care Hospitalists PL (ACH) and the Office for Civil Rights of the U.S. Department of Health and Human Services (HHS-OCR) entered into a $500,000 no-fault settlement and two year corrective action plan (CAP) to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA).

Continue reading

Physician Provided PHI to Media When “No Comment” Would Have Sufficed

Share

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $125,000 no-fault settlement and two-year corrective action plan with Allergy Associates of Hartford, P.C. (Allergy Associates) stemming from an incident involving a physician who impermissibly released protected health information (PHI) to the media.

Continue reading

Three Separate OCR Settlements Resulting from Hospital Failures to Obtain Patient Authorization for Use of Protected Health Information Before Filming Television Docuseries

Share

The Department of Health and Human Services, Office for Civil Rights (OCR) announced three separate settlements with Boston Medical Center (BMC), Brigham and Women’s Hospital (BWH), and Massachusetts General Hospital (MGH), respectively, over potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule totaling $999,000. According to the settlements, the potential violations were the result of the alleged disclosure of patient protected health information (PHI) to ABC News employees during the production and filming of the docuseries called  “Save My Life: Boston Trauma,” at each hospital.

Continue reading

CMS Releases Final Rule for Promoting Interoperability Program

Share

The Centers for Medicare and Medicaid Services (CMS) recently released their Final Rule for the Promoting Interoperability Program formerly known as the Medicare and Medicaid Electronic Health Record Incentive Programs.

CMS had previously published a Proposed Rule and a request for feedback from the public related to improving interoperability and the sharing of electronic medical records between providers, and between providers and patients, which we covered in a May blog post. CMS has stated that the purpose of the Final Rule is to “advance the agency’s priority of creating a patient-centered health care system by achieving greater price transparency, interoperability, and significant burden reduction so that hospitals can operate with better flexibility and patients have what they need to be active healthcare consumers.”

Continue reading

Business Associate Exposes Protected Health Information of 19,000 Patients

Share

An error made by a transcription service provider during a software upgrade on Orlando Orthopaedic Center (OOC)’s server in December 2017 has resulted in the exposure of more than 19,000 patients’ protected health information (PHI). PHI stored on OOC’s server from December 2017 until February 2018 – when the breach was finally discovered – was freely exposed over the internet without any authentication. Upon full investigation, patients’ names, social security numbers, dates of birth, insurance information, employer details, and treatment types were deemed accessible.

Continue reading

New Report Finds Health Care Industry Bears Highest Data Breach Costs

Share

Health care data breaches cost health care entities an average $408 per record– the highest of any industry for the eighth straight year, according to IBM and the Ponemon Institute’s 2018 Cost of a Data Breach Report, and three times higher than the cross-industry average of $148 per record. The cost for a health care data breach increased from last year’s reported average of $380 per record. Contributing factors to the high costs include compliance with laws and regulations and abnormally high churn rates due to consumer mistrust.

Continue reading

Older posts

© 2019 Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

Disclaimer/Privacy Policy