Articles and Blogs

On January 2, 2013, the Department of Health and Human Services (“HHS”) announced that it had reached a settlement with a hospice provider (“Hospice”) arising from potential violations of the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  HHS learned of the circumstances giving rise to the enforcement action... READ MORE

On September 17, 2012, the Department of Health and Human Services (“HHS”) announced that it had reached an agreement with two health care providers who were operating as a single affiliated covered entity for purposes of HIPAA (collectively referred to as the “Providers”) to settle potential violations of the Security Rule of the Health... READ MORE

On June 26, 2012, the Department of Health and Human Services (“HHS”) announced that it had reached a settlement with the Alaska Department of Health and Social Services (“Alaska DHSS”) arising from potential violations of the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  HHS learned of the circumstances... READ MORE

Today, the Office of Management and Budget (“OMB”) announced that it is extending its review of the final regulations arising from the Health Information Technology for Economic and Clinical Health Act (“HITECH”).  Based on regulatory timeframes, these regulations were expected to be released no later than today.  The regulations have been long-awaited and will... READ MORE

The second wave of the HIPAA Security and Privacy Audit Program conducted by the HHS Office for Civil Rights (OCR) is underway.  Linda Sanches, the Lead for HIPAA Compliance Audits for the OCR, provided a detailed update on the Audit Program at the fifth annual Safeguarding Health Information: Building Assurance through HIPAA Security conference... READ MORE

State attorneys general are beginning to focus their attention on health care privacy laws under the authority granted to them by the Health Information Technology for Economic and Clinical Health Act (“HITECH”) and state consumer laws.  On May 24, 2012, Massachusetts Attorney General Martha Coakley announced the filing of a final judgment with a... READ MORE

The Centers for Medicare & Medicaid Services (CMS) just released a final rule requiring all providers of medical or other items or services and suppliers that qualify for a National Provider Identifier (NPI) to include their NPI on all applications to enroll in the Medicare and Medicaid programs and on all claims for payment submitted... READ MORE

On April 17, 2012, the Department of Health and Human Services (“HHS”) announced that it had reached a settlement with Phoenix Cardiac Surgery, P.C. (the “Practice”) arising from potential violations of the Privacy and Security Rules under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  This is the first Resolution Agreement under... READ MORE

The long-awaited final regulations arising from the Health Information Technology for Economic and Clinical Health Act (“HITECH”) appear finally to be near publication.  On March 24, 2012, the Office of Management and Budget (“OMB”) accepted for review the final HITECH regulations from the Department of Health and Human Services (“HHS”).  The OMB will review... READ MORE

On March 13, 2012, the Department of Health and Human Services (“HHS”) announced that it had reached a settlement with Blue Cross Blue Shield of Tennessee (“Blue Cross”) arising from potential violations of the Privacy and Security Rules under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  Notably, HHS learned of the... READ MORE