All posts by Leah Roffman

OCR Reveals Information about Upcoming HIPAA Audits

At the Healthcare Information and Management Systems Society (“HIMSS”) Privacy and Security Forum this week, health information privacy senior advisor for the Office for Civil Rights (“OCR”) Linda Sanches revealed certain additional information about upcoming HIPAA audits.

HIPAA Omnibus Rule Deadline for BAAs Approaches

The Final HIPAA Omnibus Rule (the “Omnibus Rule”), published in the Federal Register on January 25, 2013, made various important changes to how entities must comply with privacy and security requirements.  While most deadlines stemming from the Omnibus Rule have passed, one is imminent: the final requirement to update Business […]

Federal Prosecutors Bring Criminal Charges against Individual for Alleged HIPAA Violation

Federal prosecutors in the Eastern District of Texas recently brought criminal charges under the Health Insurance Portability and Accountability Act (“HIPAA”) against a former East Texas hospital employee.  The former employee has been indicted on charges of wrongfully disclosing Protected Health Information (“PHI”).  Allegedly, he obtained PHI with the intent […]

Rhode Island Hospital Reaches Settlement with Massachusetts AG to Resolve Data Security Allegations

Last week, Women & Infants Hospital of Rhode Island (“W&I”) reached a settlement with the Massachusetts Attorney General to resolve allegations that W&I failed to adequately protect personal data stored on unencrypted backup tapes, violating both state and federal data security laws.  W&I has agreed to enhance its data security […]

Health System Agrees to Pay $800,000 following Improper Disclosure of Medical Records

This week, Parkview Health System, Inc. (“Parkview”) agreed to pay $800,000 and enter into a Corrective Action Plan to settle allegations that Parkview violated the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  In 2008, Parkview took custody of between 5,000 and 8,000 medical records of patients for a retiring physician in order […]

HHS Issues Reports on HIPAA Breaches and HIPAA Compliance

Last week, the U.S. Department of Health and Human Services (“HHS”) released two reports to Congress, pursuant to its obligations under the Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”): a report on Breaches of Unsecured Protected Health Information for 2011 – 2012 (the “Breach Report”) and a […]

Resource Launch – “Cloud Computing in Healthcare: HIPAA and State Law Challenges”

We are pleased to announce that a new resource has been added to our blog. On May 20, 2014, Cooley sponsored “Cloud Computing in Healthcare: HIPAA and State Law Challenges,” a presentation led by Cooley attorneys Matt Karlyn, Phil Mitchell, and Leah Roffman. The presentation began with a discussion of […]