Tag: HIPAA

HHS Releases Model Notices of Privacy Practices

The Office for Civil Rights (“OCR”), in collaboration with the Office of the National Coordinator for Health Information Technology (“ONC”), recently developed and released model Notices of Privacy Practices (“Notices”) for health care providers and health plans.  Several different styles and formats are available for customization. 

Constitutional Challenge to HIPAA: HHS Responds

The U.S. Department of Health and Human Services (“HHS”) has responded to a legal challenge filed last week alleging that the Final HIPAA Omnibus Rule (the “Omnibus Rule”) is unconstitutional because it infringes on the First Amendment.  Adheris, Inc. (“Adheris”), a company that sends patients prescription refill reminders and educational […]

Constitutional Challenge to HIPAA

On September 6, 2013, Adheris, Inc. (“Adheris”), an inVentiv company that works with pharmacies and pharmaceutical manufacturers to send medication refill reminders and educational information regarding diseases to patients, filed suit against the U.S. Department of Health and Human Services (“HHS”).  Adheris alleges that certain provisions of the Final HIPAA Omnibus […]

Resource Launch: Introducing Cooley’s HIPAA Privacy and Security Enforcement Tracking Chart

Today, we added an exciting new resource to our blog: a tracking chart that provides an overview of select privacy and security settlements related to the Health Insurance Portability and Accountability Act (HIPAA). Included in the tracking chart are summaries of allegations, settlement amounts, descriptions of corrective action plans, and […]

September 23, 2013: What It Means for HIPAA Business Associate Agreements

September 23, 2013 is rapidly approaching, and Covered Entities and Business Associates must comply with the requirements of the HIPAA Omnibus Rule by this date. Among the tasks facing Covered Entities and Business Associates seeking to meet Omnibus Rule requirements, they must ensure that their Business Associate Agreements (“BAAs”) comply […]

HIPAA Settlement Alert: WellPoint, Inc. Agrees to Pay $1.7 Million

On July 11, 2013, WellPoint, Inc. (“WellPoint”) entered into a Resolution Agreement (the “Agreement”) with the U.S. Department of Health and Human Services (“HHS”) to pay $1,700,000 to settle alleged privacy and security violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).  The Agreement does not contain […]