Tag: privacy and security

HIPAAHITECH ActPrivacy and Security

Advocate Data Breaches Result in Largest HIPAA Settlement To Date

On August 8th, 2016, the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) issued the largest Health Insurance Portability and Accountability Act (HIPAA) settlement to date with Advocate Health Care System (Advocate).  Advocate agreed to pay $5.55 million to settle a variety of HIPAA violations.  Advocate […]

/ August 10, 2016
Health Information PrivacyHealth ITHealthcare

HHS Launches HIPAA Platform for Medical Application Developers

On Monday, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released an online platform designed for use by developers of mobile medical applications (apps).  The site allows users to submit questions regarding compliance with the Health Insurance Portability and Accountability Act (HIPAA) and to access […]

/ October 7, 2015
Cooley TrackersGovernment EnforcementHealth Information Privacy

Beth Israel To Pay $100,000 for Massachusetts Health Information Breach

Beth Israel Deaconess Medical Center (Beth Israel) reached a settlement with the Massachusetts Attorney General’s Office for a data breach in which a physically unsecured laptop was stolen containing personal and protected health information of nearly 4,000 patients and employees.  In May 2012, a physician’s laptop was stolen from his desk at […]

/ December 5, 2014
ComplianceGovernment EnforcementHealth Information Privacy

HHS Attorney Advises to Expect More Aggressive HIPAA Enforcement

Jerome Meites, a chief regional civil rights counsel for the U.S. Department of Health and Human Services (“HHS”), provided important insight into upcoming HIPAA enforcement at the recent American Bar Association conference in Chicago .  Since June 2013, over $10 million has been paid by entities to settle alleged HIPAA violations.  Mr. Meites predicted that, […]

/ June 13, 2014
Health Information PrivacyHealth ITHIPAA

Oklahoma Board of Medicine Passes Rule Requiring that Telehealth Technology be HIPAA Compliant

After a physician in Oklahoma was disciplined for, among other things, using non-HIPAA compliant technology to treat patients, the Oklahoma Medical Board has adopted a new rule (the “Oklahoma Telemedicine Rule”) regarding the practice of telemedicine in the state.  The Oklahoma Telemedicine Rule (Okla. Admin. Code. § 435:10-7-13) sets forth multiple requirements regarding […]

/ February 11, 2014
Electronic Medical RecordsGovernment EnforcementHealth Information Privacy

Resource Launch: Introducing Cooley’s HIPAA Privacy and Security Enforcement Tracking Chart

Today, we added an exciting new resource to our blog: a tracking chart that provides an overview of select privacy and security settlements related to the Health Insurance Portability and Accountability Act (HIPAA). Included in the tracking chart are summaries of allegations, settlement amounts, descriptions of corrective action plans, and […]

/ September 4, 2013
FDA Draft GuidanceHealth ITHIPAA

Mobile Health Apps Implicate Data Privacy and Security Laws

Privacy concerns regarding mobile devices in health care are raising eyebrows and making headlines. The Telegraph reports that “health and fitness apps have been harvesting sensitive personal data and passing it on to insurance and pharmaceutical companies” although “apps companies . . . have denied that the information is personally […]

/ September 2, 2013
Electronic Medical RecordsHealth Information PrivacyHealth IT

Theft of Personal Data of 4 Million Patients in Illinois

On August 23, 2013,  Advocate Medical Group (“AMG”), Illinois’s largest health care network, announced that four computers housing the personal information of over four million patients were stolen in the burglary of an administrative building on July 15, 2013.  Upon discovering the burglary, AMG immediately notified local police, who are […]

/ August 27, 2013