In an era where cyberattacks on the health care industry have become alarmingly frequent and catastrophic, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has taken a bold step forward. The recently issued Notice of Proposed Rulemaking (NPRM) is OCR’s direct response to the escalation of cyber threats and
OCR
Patient access and big-ticket data breaches lead OCR enforcement initiatives
HIPAA enforcement actions in the past year have continued to focus on the patient right to access initiative and large scale data breaches. While most of the recent enforcement actions focused on the patient right to access initiative, two noteworthy settlements stemmed from covered entities disclosing protected health information in response to negative online reviews.
Over the past year, the types, sizes, and locations of the investigated entities varied, and resulted in settlements ranging from $3,500 – $240,000. Department of Health and Human Services Office for Civil Rights (“OCR”) seemed to consistently impose comparatively higher settlements amounts for violations that resulted in large scale data breaches.Continue Reading Patient access and big-ticket data breaches lead OCR enforcement initiatives
October 16 Deadlines Quickly Approaching for the ACA’s Nondiscrimination Requirements: Are You Ready?
By October 16, 2016, all health programs and activities receiving federal financial assistance from the Department of Health and Human Services (HHS), those administered by HHS, and Health Insurance Marketplaces (Covered Entities), must be in compliance with the final pieces of the final rule issued by the Office for Civil Rights (OCR) issued May 18…