Articles and Blogs

On August 26, 2019, the Substance Abuse and Mental Health Services Administration (“SAMHSA”) issued two Notices of Proposed Rulemaking (“NPRM”) proposing changes to the Confidentiality of Substance Use Disorder Patient Records at Title 42 of the Code of Federal Regulations, Part 2 (“Part 2”). Part 2 is a federal privacy law that protects substance... READ MORE

On July 10, 2019, the Federal Communications Commission (“FCC”) voted unanimously to move forward with its new $100 million telehealth initiative, which seeks to bring telehealth services to low-income Americans, veterans and medically underserved communities. In its Notice of Proposed Rulemaking, the FCC detailed its proposed telehealth initiative rules and anticipated program requirements. As currently... READ MORE

American Medical Collection Agency (“AMCA”), a collection agency that works primarily with health care companies, recently announced a breach of protected health information (“PHI”) and personally identifiable information (“PII”) affecting over 19.6 million patients. Quest Diagnostics and LabCorp, both clients of AMCA, have reported that their patients have been impacted by the incident. AMCA... READ MORE

The Office for Civil Rights (“OCR”) issued a factsheet detailing ten ways a business associate can be held directly liable for violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as provided by the Health Information Technology for Economic Clinical Health (“HITECH”) Act of 2009. Although covered entities are ultimately responsible... READ MORE

Health care providers are increasingly relying on technology to market, communicate with and otherwise provide services to their community, such as information about services provided on the website, patient portals, check-in kiosks and mobile applications. In using technology to communicate with patients and the larger community, it is important to remember the importance of... READ MORE

The Office for Civil Rights (“OCR”) announced that a health system in California (the “System”) was required to pay a $3 million fine and adopt an extensive corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The System operates several hospitals, including a rehabilitation hospital... READ MORE

A number of organizations, including many health care and financial organizations, nationwide have reported receiving emails that state that an explosive device has been brought into the recipient’s facility and will be detonated unless a ransom is paid in Bitcoin. Law enforcement authorities are investigating; however, at this point, no explosive devices have been... READ MORE

The Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced on December 4, 2018 that a hospitalist group (“Group”) that works with hospitals and nursing homes to provide internal medicine physicians has agreed to pay $500,000 and adopt a corrective action plan to settle alleged violations of the Health Insurance... READ MORE

The Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”), announced that a small professional association with three doctors and four locations (the “Practice”) has agreed to pay $125,000 and adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The... READ MORE

On October 15, 2018, the Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced that it had reached a record $16 million settlement with Anthem arising out of alleged violations of the Privacy and Security Rules under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The settlement comes... READ MORE