Category: HIPAA

Mobile Health Apps Implicate Data Privacy and Security Laws

Privacy concerns regarding mobile devices in health care are raising eyebrows and making headlines. The Telegraph reports that “health and fitness apps have been harvesting sensitive personal data and passing it on to insurance and pharmaceutical companies” although “apps companies . . . have denied that the information is personally […]

Theft of Personal Data of 4 Million Patients in Illinois

On August 23, 2013,  Advocate Medical Group (“AMG”), Illinois’s largest health care network, announced that four computers housing the personal information of over four million patients were stolen in the burglary of an administrative building on July 15, 2013.  Upon discovering the burglary, AMG immediately notified local police, who are […]

September 23, 2013: What It Means for HIPAA Business Associate Agreements

September 23, 2013 is rapidly approaching, and Covered Entities and Business Associates must comply with the requirements of the HIPAA Omnibus Rule by this date. Among the tasks facing Covered Entities and Business Associates seeking to meet Omnibus Rule requirements, they must ensure that their Business Associate Agreements (“BAAs”) comply […]

HIPAA Settlement Alert: WellPoint, Inc. Agrees to Pay $1.7 Million

On July 11, 2013, WellPoint, Inc. (“WellPoint”) entered into a Resolution Agreement (the “Agreement”) with the U.S. Department of Health and Human Services (“HHS”) to pay $1,700,000 to settle alleged privacy and security violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  The Agreement does not contain […]