April 1, 2026
Feldesman Health Care Compliance Counsel Natalie Lesnick will present “Challenges for Small Covered Entities: How to Build a Robust Privacy/Security Program with Limited Resources” at the 43rd HIPAA Summit, taking place April [...]
October 21, 2025
In an increasingly busy world, it’s easy for patients to forget appointments scheduled weeks, or even months, in advance. For health centers, however, missed appointments can be costly and may hinder efforts [...]
October 16, 2025
Health centers collect and store large amounts of Protected Health Information (PHI), which carries significant risks and responsibilities. Partnering with a business associate to assist with your health center's work means you [...]
July 24, 2025
On June 18, 2025, a federal judge in Texas issued a nationwide injunction vacating the HIPAA Privacy Rule to Support Reproductive Health Care Privacy[1] ("Reproductive Privacy Rule").[2] Originally published on April 26, [...]
July 7, 2025
On June 6, 2025, Jackson Health System of Miami, Florida, announced that it had fallen victim to an insider data breach affecting more than 2,000 patients. According to its press release, an [...]
April 25, 2025
OCR’s New Security Risk Analysis Initiative Results in Seven Enforcement Actions in First Six Months
In the fall of 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the first enforcement action in its “Risk Analysis Initiative.” Since then, a [...]
December 19, 2024
As the December 23, 2024, compliance date approaches for the HIPAA Privacy Rule to Support Reproductive Health Care Privacy Final Rule (“Final Rule”), below are three areas where HIPAA covered entities, including [...]
May 2, 2024
In the most recent press release on the Change Healthcare cyberattack, parent company UnitedHealth Group (UHG) acknowledged that, “Based on initial targeted data sampling to date, the company has found files containing [...]
February 23, 2024
One of the key provisions of the Health Insurance Portability and Accountability Act (HIPAA) is the Breach Notification Rule, which requires covered entities and business associates to notify affected individuals, the Department [...]
February 9, 2024
On February 8, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA) announced long-awaited changes to [...]
