Although it’s been 2 years since the Dobbs v. Jackson Women’s Health decision from the Supreme Court, various state legislatures and courts have tried to define the new post-Roe landscape. This effort includes new and revised laws to amend existing privacy laws to protect consumer health data. You can find out more on our
Nancy Halstead
U.S. Department of Health and Human Services issues final rules expected to transform how certain stakeholders share patient information
The U.S. Department of Health and Human Services (HHS) released companion interoperability and information blocking final rules that will significantly impact the way in which certain health care providers, health information technology (IT) developers, and health plans share patient information. For a discussion on major provisions of these rules, please read our post on our…
OCR releases new FAQs on use of health apps
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) released a new set of Health Insurance Portability and Accountability Act (HIPAA) FAQs building upon prior guidance from OCR. The new FAQs discuss the applicability of HIPAA to covered entities and business associates that interact with health apps and explain when…
OIG Report Indicates OCR Not Overseeing and Enforcing HIPAA Security Rule
A November 21, 2013 report published by the Office of the Inspector General (OIG) concluded that The Department of Health & Human Services (HHS) Office for Civil Rights (OCR) is not fully enforcing the HIPAA Security Rule and laid out recommendations for the OCR to implement. The OIG’s report also concluded separately that OCR is…
Long-Awaited HITECH Final Rule is Here
This post was also written by Salvatore G. Rotella, Jr., Elizabeth Doyle O’Brien, Jennifer Pike and Zachary A. Portin.
After much anticipation, the Office for Civil Rights of the United States Department of Health and Human services published the HITECH Final Rule on January 25, 2013. The final regulation contains substantive and technical modifications…
The Arrival of the OCR HIPAA/HITECH Final Rule is Here
The long awaited final rule, released yesterday by the Office for Civil Rights (OCR) of the Department of Health and Human Services, modifies the HIPAA Privacy, Security, Breach and Enforcement Rules and is comprised of four final rules which implement the statutory requirements of the Health Information Technology for Economic and Clinical Health Act (HITECH)…
Awaiting the Release of the HITECH Final Rule
As the year is coming to an end, the industry is speculating the release date of the Health Information Technology for Economic and Clinical Health Act (“HITECH”) final rule. The final rule is expected to address modifications to the Privacy, Security, Enforcement, and Breach Notification Rules, and with the release date yet to be determined,…
First Enforcement Action Resulting From a Breach Self-Report Announced by OCR
On March 13, 2012 the Department of Health and Human Services (HHS), Office of Civil Rights (OCR) announced its settlement with Blue Cross Blue Shield of Tennessee (BCBST), marking the first enforcement action resulting from a breach self-report required by HITECH’s Breach Notification Rule.
For a more detailed analysis, please click here.