Category: HIPAA Omnibus Rule

OCR Rep Discusses HIPAA Violations, Enforcement Actions, and Upcoming Audit Program

Last week, the National Institute of Standards and Technology (“NIST”), in conjunction with the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”), hosted a conference entitled “Safeguarding Health Information: Building Assurance through HIPAA Security.”  Both OCR officials and others within the industry spoke regarding HIPAA developments.  […]

HIPAA Omnibus Rule Deadline for BAAs Approaches

The Final HIPAA Omnibus Rule (the “Omnibus Rule”), published in the Federal Register on January 25, 2013, made various important changes to how entities must comply with privacy and security requirements.  While most deadlines stemming from the Omnibus Rule have passed, one is imminent: the final requirement to update Business […]

Resource Launch – “Cloud Computing in Healthcare: HIPAA and State Law Challenges”

We are pleased to announce that a new resource has been added to our blog. On May 20, 2014, Cooley sponsored “Cloud Computing in Healthcare: HIPAA and State Law Challenges,” a presentation led by Cooley attorneys Matt Karlyn, Phil Mitchell, and Leah Roffman. The presentation began with a discussion of […]

Government to Resume HIPAA Compliance Audits in 2014

This week at the Healthcare Information and Management Systems Society (“HIMSS”) Conference, Susan McAndrew, the Deputy Director for Information Privacy at the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”), announced that OCR is planning to resume its HIPAA compliance audit program in 2014.  As a […]

HHS Releases Omnibus Rule Guidance on Refill Reminders and Other Topics

Last week, the U.S. Department of Health and Human Services (“HHS”) released guidance that helps to clarify four parts of the Final HIPAA Omnibus Rule (the “Omnibus Rule”) – many provisions of which become effective today.  Specifically, HHS released clarification regarding how the Omnibus Rule governs the following topics: 1) […]

HHS Releases Model Notices of Privacy Practices

The Office for Civil Rights (“OCR”), in collaboration with the Office of the National Coordinator for Health Information Technology (“ONC”), recently developed and released model Notices of Privacy Practices (“Notices”) for health care providers and health plans.  Several different styles and formats are available for customization. 

Constitutional Challenge to HIPAA: HHS Responds

The U.S. Department of Health and Human Services (“HHS”) has responded to a legal challenge filed last week alleging that the Final HIPAA Omnibus Rule (the “Omnibus Rule”) is unconstitutional because it infringes on the First Amendment.  Adheris, Inc. (“Adheris”), a company that sends patients prescription refill reminders and educational […]