HIPAA Violation Results in $4.3M Fine for Cancer Center

If you haven’t taken stringent measures to protect patient privacy, this recent ruling from a U.S. Department of Health and Human Services Administrative Law Judge might spur you into action. The ALJ ruled that University of Texas MD Anderson Cancer Center violated HIPAA Privacy and Security Rules and granted summary judgment to the Office for […]

Dumpster Diver Demonstrates Importance of Proper Medical Record Storage and Disposal

Just because a business closes its doors, it doesn’t mean that it no longer is obligated to safeguard patients’ protected health information (PHI), as one company recently learned. Earlier this month, the receiver appointed to liquidate the assets of Filefax, Inc. agreed to pay $100,000 out of the receivership estate to settle potential HIPAA violations. […]

What You Should Know About OCR’s HIPAA Privacy Audits

Have you received a request from HHS Office for Civil Rights (OCR) asking that you provide the name of your privacy official along with any additional criteria? If you have, then you likely are aware that you may be the focus of a HIPAA privacy audit. This is part of the Phase 2 HIPAA Audit […]

When Social Media and Patient Privacy Collide

Earlier this month, three employees of an assisted living facility in Glendale, Arizona were let go after allegedly videotaping patients and posting them to Snapchat. The video shows employees making fun of elderly residents in their care and, instead of taking care of one woman asking for help, the employee continues to film and make […]

HHS Offers New HIPAA Guidance in Light of Opioid Crisis

Shortly after President Donald Trump declared a nationwide public health emergency to combat the opioid crisis, the HHS Office for Civil Rights released new guidance on when and how healthcare providers can share a patient’s health information when that patient may be in crisis and incapacitated, such as during an opioid overdose. HIPAA regulations already […]

OCR Provides Update on HIPAA Enforcement Efforts

The recent WannaCry ransomware attack impacting hospital and healthcare information systems worldwide shone a bright light on the vulnerabilities of most healthcare provider’s networks. But the problem extends far beyond this one case. In fact, there are near daily reports of patients’ private information being accessed due to a lack of appropriate security measures. And, […]

Is Your Telemedicine Company HIPAA Compliant?

UPDATE: According to a news release, the lawsuit filed against MDLive, Inc. was voluntarily dropped by the law firm that originally filed it. MDLive has since published a fact sheet responding to the allegations. A lawsuit seeking class action status recently filed against Telehealth provider MDLive, Inc. underscores the need for all healthcare companies using […]

Why You Need a HIPAA-Compliant Business Associate Agreement

The recent announcement by The Department of Health and Human Services’ Office for Civil Rights (OCR) that it agreed to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) with The Center for Children’s Digestive Health (CCDH) should serve as a lesson to other healthcare organizations about the need to obtain signed, […]

HIPAA Data Breach Deadline Fast Approaching

Last week, we wrote about the increasing number of healthcare-related data breaches and how important it is for providers to find better ways to protect their patients’ personal healthcare information. In just a few days – on March 1 – HIPAA-covered entities must submit reports of certain breaches of unsecured protected health information affecting fewer […]

HIPAA Compliance in 2017: The Heat is on

The doctor-patient relationship has always involved a certain level of privacy. But over the years, the stakes for healthcare providers who violate patient privacy have increased exponentially. Barely two months into 2017 and already we are seeing increased activity. A newly released report from Protenus in conjunction with databreaches.net, January saw 31 healthcare data breaches […]

Material presented on the Health Law Offices of Anthony C. Vitale's website is intended for information purposes only.

It is not intended as professional advice and should not be construed as such.