Tag Archives: HHS

New HIPAA/HITECH Rules Implementation Roadmap: Countdown Begins to September 23, 2013 Compliance Deadline

By Boris Segalis on March 31, 2013 Posted in HIPAA, HITECH

Last week marked the effective date of the Department of Health and Human Services (HHS) Office of Civil Rights comprehensive modifications to the HIPAA Privacy, Security, Enforcement and Breach Notification Rules (“the Rules”). The arrival of the effective date commences the 180-day period for covered entities to come into compliance with most of the Rule’s… Continue Reading

Changes to HIPAA Privacy Rule Proposed by HHS – Find Out Who Has Accessed Your Health Records

By InfoLawGroup LLP on June 1, 2011 Posted in Data Privacy Law or Regulation, Regulations

On May 31, 2011 the Department of Health and Human Services Office for Civil Rights issued a notice of proposed rulemaking that would add substantial data privacy requirements to the HIPAA Privacy Rule. One of the requirements the HHS proposed pursuant to both the HITECH Act and its more general authority under HIPAA is for… Continue Reading

February Brings a Privacy Enforcement Storm: HHS, FTC and FINRA Act

By Boris Segalis on February 22, 2011 Posted in Enforcement, HITECH

This month, federal agencies and FINRA have announced significant privacy enforcement actions that have resulted in millions of dollars in fines. The U.S. Department of Health and Human Services (HHS) imposed a $4.3M fine on a health plan for violations of the HIPAA Privacy Rule; the Federal Trade Commission (FTC) settled with several resellers of consumer reports allegations that the resellers failed to adequately safeguard consumer information; and FINRA imposed a $600K fine on two securities firms for failure to safeguard access to customer records. Here are the details:

FAQ on the Proposed Modifications to the HIPAA Rules: Part Two

By Tanya Forsheit on July 15, 2010 Posted in Health Care, HITECH, Marketing

This post is Part Two of my FAQ on the proposed modifications to the HIPAA Rules issued by HHS last week. Part Two focuses on the proposed modifications to the Privacy Rule.

FAQ on the Proposed Modifications to the HIPAA Rules: Part One

By Tanya Forsheit on July 12, 2010 Posted in Health Care, HITECH

As reported last week, on Thursday the Department of Health and Human Services (“HHS”) issued its long-anticipated Notice of Proposed Rulemaking (“NPRM”) on Modifications to the Health Insurance Portability and Accountability Act (“HIPAA”) Privacy, Security, and Enforcement Rules under the Health Information Technology for Economic and Clinical Health Act (the “HITECH” Act). For those of us who subscribe to numerous technology and law listservs, this meant emailboxes flooded with opinions, criticism, speculation, and flat-out fear mongering. We thought people might like to know what the proposed modifications actually say, and what they mean. So, this post provides Part One of a FAQ on the 234 page NPRM. This post, Part One, addresses general issues (including significant changes involving subcontractors) and proposed modifications to the HIPAA Security and Enforcement Rules. Part Two, later this week, will address the proposed modifications to the HIPAA Privacy Rule.

InfoLaw Alert: HHS Issues Proposed Mofications to HIPAA Security and Privacy Rules

By David Navetta on July 8, 2010 Posted in HITECH

The Department of Health and Human Services released proposed modifications to the privacy and security rules related to HIPAA. We are still reading through the 234 page document, but it appears that the new rules expand HIPAA responsibilities for business associates. In addition, HHS has set up a web portal that provides a summary of… Continue Reading