PHI

Subscribe to PHI via RSS

The Office for Civil Rights (OCR) announced on October 23, 2019, that Jackson Health System (Jackson), a not-for-profit hospital system comprised of six hospitals, urgent care centers, nursing facilities, and primary care and specialty services based in Miami, Florida, has waived its right to a hearing and did not contest the findings set forth in

On September 9, 2019, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that it had settled its first ever HIPAA enforcement action arising from alleged violations of the individual right to access health information under HIPAA. OCR entered into a settlement with Bayfront Health St. Petersburg (Bayfront) in response

Another day in the healthc are industry, another big data breach.

This week, Quest Diagnostics announced in a security filing with the Securities and Exchange Commission, that a collection agency vendor that it uses for collection services notified it that for eight months, an unauthorized user had access to Quest patients’ records, including credit card

The Office of Civil Rights (OCR), the enforcement arm of the Department of Health & Human Services (HHS), announced that a Tennessee diagnostic medical imaging services company has agreed to pay $3 million to settle potential HIPAA violations arising from a data breach that exposed over 300,000 patients’ protected health information. As part of the

On April 8, 2019, The University of Texas MD Anderson Cancer Center (MDA) filed a petition with the U.S. Court of Appeals for the Fifth Circuit seeking review of a decision by the Department of Health & Human Services’s (HHS) Departmental Appeals Board (DAB) Appellate Division to uphold $4.35 million in civil money penalties (CMPs)

On December 14, 2018 the Department of Health & Human Services Office for Civil Rights (OCR) published a Request for Information (RFI) soliciting public input on updates to regulations promulgated under the Health Insurance Portability and Accountability Act (HIPAA) with the goals of removing “regulatory obstacles” and decreasing “regulatory burdens” in furtherance of the health care industry’s transition to value-based care models.
Continue Reading OCR Issues Request for Information Regarding Modification of HIPAA To Promote Care Coordination and Transition to Value-Based Care

The Office for Civil Rights has announced that it has settled with Lakeland, Florida based Advanced Care Hospitalists (ACH) for $500,000 for allegations of an impermissible disclosure of protected health information by one of its business associates. ACH provides contract internal medicine physicians to nursing homes and hospitals.

According to the press release, between November

In its July newsletter on cybersecurity, the Office for Civil Rights (OCR) released “Guidance on Disposing of Electronic Devices and Media,” which outlines the requirements health care providers and business associates have regarding the security of electronic data and media under the HIPAA Security Rule.

The newsletter reminds health care providers and business associates that

It is clear that the health care industry continues to be targeted with cyber-attacks. In 2018, the 10 largest health care breaches, outlined here, include unauthorized access to protected health information (PHI) through a vendor offering claims processing, ransomware incidents, successful phishing schemes, mailing PHI to wrong addressees, hacking, a misdirected email, and a