April 25, 2025
OCR’s New Security Risk Analysis Initiative Results in Seven Enforcement Actions in First Six Months
In the fall of 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the first enforcement action in its “Risk Analysis Initiative.” Since then, a [...]
December 19, 2024
As the December 23, 2024, compliance date approaches for the HIPAA Privacy Rule to Support Reproductive Health Care Privacy Final Rule (“Final Rule”), below are three areas where HIPAA covered entities, including [...]
May 2, 2024
In the most recent press release on the Change Healthcare cyberattack, parent company UnitedHealth Group (UHG) acknowledged that, “Based on initial targeted data sampling to date, the company has found files containing [...]
February 23, 2024
One of the key provisions of the Health Insurance Portability and Accountability Act (HIPAA) is the Breach Notification Rule, which requires covered entities and business associates to notify affected individuals, the Department [...]
February 9, 2024
On February 8, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA) announced long-awaited changes to [...]
May 8, 2023
Health center Federal Tort Claims Act (FTCA) annual redeeming applications are due by June 23, 2023. The requirements for redeeming for CY 2024 are described in Program Assistance Letter 2023-01 (PAL 2023-01), [...]
April 14, 2023
On April 12, the Office for Civil Rights (OCR) issued a Notice of Proposed Rule Making (NPRM) to strengthen the federal privacy protections for reproductive health records. The NPRM seeks to address [...]
March 29, 2023
On February 17, 2023, the HHS Office for Civil Rights (OCR) released its Annual Report to Congress on Breaches of Unsecured Protected Health Information for Calendar Year 2021 (“HIPAA Breach Report”) and [...]
-
December 22, 2022
On December 1, the Office for Civil Rights (OCR) issued guidance on the use of online tracking technologies by HIPAA covered entities and business associates. Health care providers, including hospital and health [...]
-
October 6, 2022
As of October 6, 2022, the Office of the National Coordinator (ONC)’s Cures Act Final Rule (known as the Info Blocking Rule) applies to all electronic health information (EHI). Prior to October [...]
