When is a Covered Entity Liable for a Business Associate Breach?
Under the HIPAA Privacy Rule, a covered entity may, in some circumstances, be liable for its business associate breach under the business associate agreement. When May [...]
When Can a Covered Entity Deny a Request to Amend PHI?
The HIPAA Privacy Rule permits patients to request that PHI contained in their medical records, be amended. The right is not unlimited, however, and a covered [...]
MSP Security Rule Compliance
A managed service provider (MSP) is an entity that remotely manages a covered entity’s IT infrastructure, and/or end-user systems. Managed service providers who work with clients [...]
HIPAA Privacy Complaints Lead to More Informal Intervention Efforts
The numbers seem to paint an odd picture. In 2018, the federal Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) received 25,912 health information privacy [...]
Electronic Health Information Exchange and HIPAA
Under the HIPAA Privacy Rule, the use or disclosure of protected health information (PHI) is permitted for treatment purposes. Electronic health information exchange - a method of data transmission [...]
Accidental Disclosure of PHI
Even when a covered entity or business associate maintains an effective HIPAA compliance program, there are still instances where unintentional HIPAA violations occur. These violations can take [...]
HIPAA Security Rule: Risk Analysis Review and Updating
The HIPAA Security Rule requires that covered entities (health plans, healthcare clearinghouses, and healthcare providers who electronically transmit any health information in connection with a HIPAA [...]
The OCR HIPAA Violation Complaint Portal and Portal Assistant
The United States Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) provides an online HIPAA Violation Complaint Portal Assistant that allows individuals who [...]
Hospital Data Breaches and Patient Deaths
Researchers for the journal Health Services Research recently conducted a study to determine whether there is a relationship between hospital data breaches and patient deaths. Of particular interest was [...]
HIPAA Enforcement: Who Enforces HIPAA?
There are significant consequences for breaking the HIPAA laws. The HIPAA Rule is enforced through several methods. HIPAA is a federal law, which is enforced by the Department of [...]
