The Office for Civil Rights (“OCR”), in collaboration with the Office of the National Coordinator for Health Information Technology (“ONC”), recently developed and released model Notices of Privacy Practices (“Notices”) for health care providers and health plans. Several different styles and formats are available for customization.
The U.S. Department of Health and Human Services (“HHS”) has responded to a legal challenge filed last week alleging that the Final HIPAA Omnibus Rule (the “Omnibus Rule”) is unconstitutional because it infringes on the First Amendment. Adheris, Inc. (“Adheris”), a company that sends patients prescription refill reminders and educational […]
On September 6, 2013, Adheris, Inc. (“Adheris”), an inVentiv company that works with pharmacies and pharmaceutical manufacturers to send medication refill reminders and educational information regarding diseases to patients, filed suit against the U.S. Department of Health and Human Services (“HHS”). Adheris alleges that certain provisions of the Final HIPAA Omnibus […]
Today, we added an exciting new resource to our blog: a tracking chart that provides an overview of select privacy and security settlements related to the Health Insurance Portability and Accountability Act (HIPAA). Included in the tracking chart are summaries of allegations, settlement amounts, descriptions of corrective action plans, and […]
Privacy concerns regarding mobile devices in health care are raising eyebrows and making headlines. The Telegraph reports that “health and fitness apps have been harvesting sensitive personal data and passing it on to insurance and pharmaceutical companies” although “apps companies . . . have denied that the information is personally […]
On August 23, 2013, Advocate Medical Group (“AMG”), Illinois’s largest health care network, announced that four computers housing the personal information of over four million patients were stolen in the burglary of an administrative building on July 15, 2013. Upon discovering the burglary, AMG immediately notified local police, who are […]
September 23, 2013 is rapidly approaching, and Covered Entities and Business Associates must comply with the requirements of the HIPAA Omnibus Rule by this date. Among the tasks facing Covered Entities and Business Associates seeking to meet Omnibus Rule requirements, they must ensure that their Business Associate Agreements (“BAAs”) comply […]