The OCR HIPAA Violation Complaint Portal and Portal Assistant

The United States Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) provides an online HIPAA Violation Complaint Portal Assistant that allows individuals who believe their HIPAA rights have been violated to report the incident. Users may input the following information using the Complaint Portal Assistant: When they learned of the most recent HIPAA violation Whom the complaint about the HIPAA violation [...]

2021-08-02T16:58:30-04:00December 20th, 2019|

HIPAA Enforcement

There are significant consequences for breaking the HIPAA laws. The HIPAA Rule is enforced through several methods.  The most common method of HIPAA enforcement is actions of the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR). State attorneys general may also conduct HIPAA enforcement. How Does HIPAA Enforcement Work? HIPAA enforcement takes place on both the federal government and [...]

2021-07-30T16:23:15-04:00December 17th, 2019|

Updated HHS SRA Tool Issued

In 2011, the Department of Health and Human Services (HHS), the federal agency for enforcing HIPAA, issued a Security Risk Assessment (SRA) tool through its Office for Civil Rights (OCR). In 2019, after several updates, OCR is offering its newest updated HHS SRA tool, version 3.1. The updated HHS SRA Tool contains several features that the prior tools did not contain. What is the Updated HHS SRA Tool? [...]

2022-05-06T13:36:54-04:00November 18th, 2019|

What is the National Patient Identifier Repeal Act?

When HIPAA was enacted in 1996, the law called for development of a unique patient identifier (sometimes referred to as a “national patient identifier”). In 1999, Congress passed legislation prohibiting the Department of Health and Human Services from funding, implementing, or developing a unique patient identifier system. This ban has been in place since then. Recent legislative activity in the US Senate seeks to preserve [...]

2020-11-09T15:41:54-05:00October 25th, 2019|

Are You Addressing These 7 Elements of HIPAA Compliance?

One of the most important pieces of guidance that HHS has put out in regards to HIPAA compliance is The Seven Fundamental Elements of an Effective Compliance Program. Since this guidance was first released, OCR enforcement for HIPAA violations has increased significantly. Over the course of a year, there was a four-fold increase in total fines levied (from $6.2 million to $23.5 million). The seven [...]

2022-07-22T13:50:35-04:00June 28th, 2017|

Ransomware, Interoperability, Medical Apps Major Focus of 2017 HIPAA Enforcement

Office for Civil Rights (OCR) Director Roger Severino made major suggestions into upcoming 2017 HIPAA enforcement in his opening talk at Health Datapalooza 2017. Severino is the newly appointed Director of the Department of Health and Human Services' (HHS) OCR. He said that OCR is "mindful of the regulatory side of things," and spoke about enforcement of the HIPAA Privacy and Security Rules in the [...]

2021-08-25T13:59:26-04:00April 27th, 2017|

HHS Secretary Tom Price Suggests Changes to HHS Guidance on EHRs

Secretary of the Department of Health and Human Services (HHS) Tom Price, stressed major changes to healthcare IT under the Trump Administration during his opening remarks at Health Datapalooza 2017. "People, patients, and partnerships" are going to be the major driving forces behind upcoming changes to data security and privacy. Secretary Price stressed that HHS' goal will be reducing the burden of healthcare IT to physicians by focusing on [...]

2021-08-25T13:59:26-04:00April 27th, 2017|

The 5 Most Landmark OCR Settlements in 20 Years of HIPAA

When HIPAA was first enacted in 1996, few people could have anticipated the shock waves that this landmark regulation would send across the healthcare industry. The following will discuss the 5 most landmark OCR settlements in 20 Years of HIPAA. Over the course of 20 years, the regulation has changed considerably to account for national conversations surrounding the integrity, privacy, and security of patients' health [...]

2021-08-25T13:59:30-04:00August 23rd, 2016|

HIPAA Compliance Audits Prioritized in 2017 Fiscal Budget

Earlier this year, the Obama administration submitted its budget proposal for fiscal-year 2017. The OCR Budget in Brief details the increased budget--$1.15 trillion of which is allotted for the Department of Health and Human Services (HHS). $43 million of these funds will go to the Office for Civil Rights (OCR), and $82 million will go to the Office of National Coordination for Health IT (ONC). With the new budget, [...]

2019-10-30T13:43:17-04:00May 26th, 2016|

Congress to Establish Chief Information Security Officer Within HHS

A bill to establish an Office of the Chief Information Security Officer (CISO) at the Department of Health and Human Services (HHS) was introduced in the House of Representatives. The office would issue guidance to better protect sensitive personal information and data from potential exposure to cyberattacks. Reps. Billy Long (R-Mo.) and Doris Matsui (D-Calif.) sponsored the HHS Data Protection Act of 2016, which seeks [...]

2020-12-04T13:51:02-05:00May 10th, 2016|