Health Insurance Portability and Accountability Act

On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle management and practice analytics software services to health care entities. The settlement resulted from MedEvolve’s alleged violation of the Health Insurance Portability and Accountability

One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the Office for Civil Rights and State AGs have jurisdiction to assess fines and penalties for HIPAA violations. The old double whammy.

States enforce those rights sparingly, but New Jersey is getting itself on the map

Last week, Diabetes, Endocrinology & Lipidology Center Inc. (DELC) of West Virginia reached a $5,000 settlement with the Office for Civil Rights (OCR) over  allegations that it failed to provide timely access to a patient’s health records.   The OCR alleged that DELC waited more than two years to send a minor’s medical records to their

Washington legislators recently introduced the Washington Privacy Act (WPA). This legislation is a consumer-focused privacy law similar to the California Consumer Privacy Act (CCPA) but it also has some European Union General Data Protection Regulation (GDPR)-like concepts. The WPA protects personal data in much the same way as the CCPA, but with some significant differences.

On April 30, 2018, a Massachusetts physician was convicted of a criminal violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as well as one count of obstruction of a criminal health care investigation, in a Massachusetts federal court. The convictions relate to the purported sharing of confidential patient information by the

The United States Attorney’s Office for the District of Massachusetts recently announced that three former district managers of the pharmaceutical firm Warner Chilcott have been sentenced for violating the Health Insurance Portability and Accountability Act (HIPAA) and committing healthcare fraud.

The allegations include that the district managers directed certain sales representatives to fill out prior

Federal regulators announced last week that Illinois’ largest hospital chain would pay $5.5 million, a record payment under the Health Insurance Portability and Accountability Act (HIPAA), in connection with three 2013 data breaches that affected the protected health information of millions of its patients. The Advocate Health Care Network, which manages twelve hospitals and hundreds

One in five U.S. consumers are tracking their every movement, from their heart-rate, skin temperature, respiratory rate to their activity levels, food intake, weight, and sleep patterns. With this so-called ‘black box’ for the human body, this data collected through our wearable fitness devices has great potential to be used to bolster or dispute a

Now even the fitness tracker you wear on your wrist is compliant with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. Fitbit’s Corporate Wellness team is one of the fastest growing sectors of the company, and Fitbit voluntarily took this “proactive step” to implement a HIPAA compliance program so that it could broaden

Advanced Data Processing, Inc. and Intermedix Corp. were sued in federal court in Florida last week for violating the Health Insurance Portability and Accountability Act (HIPAA) for failing to protect the health information of “potentially millions” of individuals.

Plaintiffs allege that for several months in 2012, an employee of Intermedix viewed health information of patients