Last week, St. Elizabeth’s Medical Center (SEMC), a hospital located in Brighton, Massachusetts, agreed to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) by paying $218,400 and adopting a robust corrective action plan.
Connecticut and Oregon were recently added to the increasing list of states adopting stricter laws addressing the handling of health information and penalties in connection with breaches of health information. Both states amended their respective data security and breach notification laws and they will now levy stricter requirements on entities that store or […]
In order to protect the privacy and security of patients’ information, the Health Insurance Portability and Accountability Act (HIPAA) imposes substantial obligations on covered entities (certain providers, plans, and health care clearinghouses), as well as their business associates. These obligations can be intrusive and costly, and can require substantial investments […]
The Health Insurance Portability and Accountability Act (HIPAA) mandates that both Covered Entities and Business Associates protect the security of Protected Health Information (PHI) in a variety of ways. Specifically, HIPAA’s Security Rule sets forth various technical, administrative, and physical safeguards that must be enacted in order to ensure the […]
CareFirst, a Blue Cross Blue Shield plan serving the Washington D.C. metro area, became another in a line of health insurers to suffer a data breach as a result of hackers. CareFirst and the FBI are examining the breach which potentially compromised 1.1 million customers. The company reports that although […]
The Office of the National Coordinator for Health Information Technology (ONC) in collaboration with the Office for Civil Rights (OCR) recently released its new updated guidance for the privacy and security of electronic information. The Guide to Privacy and Security of Electronic Health Information (the Guide), last published in 2011, is […]
Yesterday, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced that Cornell Prescription Pharmacy of Denver, Colorado (“Cornell Pharmacy”) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Cornell Pharmacy, a single location pharmacy, will pay a $125,000 […]