Tag: privacy and security

Advocate Data Breaches Result in Largest HIPAA Settlement To Date

On August 8th, 2016, the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) issued the largest Health Insurance Portability and Accountability Act (HIPAA) settlement to date with Advocate Health Care System (Advocate).  Advocate agreed to pay $5.55 million to settle a variety of HIPAA violations.  Advocate […]

HHS Launches HIPAA Platform for Medical Application Developers

On Monday, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released an online platform designed for use by developers of mobile medical applications (apps).  The site allows users to submit questions regarding compliance with the Health Insurance Portability and Accountability Act (HIPAA) and to access […]

Beth Israel To Pay $100,000 for Massachusetts Health Information Breach

Beth Israel Deaconess Medical Center (Beth Israel) reached a settlement with the Massachusetts Attorney General’s Office for a data breach in which a physically unsecured laptop was stolen containing personal and protected health information of nearly 4,000 patients and employees.  In May 2012, a physician’s laptop was stolen from his desk at […]

HHS Attorney Advises to Expect More Aggressive HIPAA Enforcement

Jerome Meites, a chief regional civil rights counsel for the U.S. Department of Health and Human Services (“HHS”), provided important insight into upcoming HIPAA enforcement at the recent American Bar Association conference in Chicago .  Since June 2013, over $10 million has been paid by entities to settle alleged HIPAA violations.  Mr. Meites predicted that, […]

Oklahoma Board of Medicine Passes Rule Requiring that Telehealth Technology be HIPAA Compliant

After a physician in Oklahoma was disciplined for, among other things, using non-HIPAA compliant technology to treat patients, the Oklahoma Medical Board has adopted a new rule (the “Oklahoma Telemedicine Rule”) regarding the practice of telemedicine in the state.  The Oklahoma Telemedicine Rule (Okla. Admin. Code. § 435:10-7-13) sets forth multiple requirements regarding […]

Resource Launch: Introducing Cooley’s HIPAA Privacy and Security Enforcement Tracking Chart

Today, we added an exciting new resource to our blog: a tracking chart that provides an overview of select privacy and security settlements related to the Health Insurance Portability and Accountability Act (HIPAA). Included in the tracking chart are summaries of allegations, settlement amounts, descriptions of corrective action plans, and […]

Mobile Health Apps Implicate Data Privacy and Security Laws

Privacy concerns regarding mobile devices in health care are raising eyebrows and making headlines. The Telegraph reports that “health and fitness apps have been harvesting sensitive personal data and passing it on to insurance and pharmaceutical companies” although “apps companies . . . have denied that the information is personally […]