By: Craig A. Phillips Member, Grand Rapids Office Phone: 616.336.1030email: cphillips@dickinsonwright.com With most vendors offering and pushing cloud computing solutions and offsite data backup, or guaranteeing offsite backup of data they process for you, many HIPAA covered entities and business associates are questioning whether and how they can take advantage of cloud computing while complying with …
Attempting To Avoid The High Cost Of A Reported HIPAA Breach
By: Kimberly Ruppel and Billee Lightvoet Ward Preventing unintended or unauthorized disclosure of protected health information is an ever-present goal of all covered entities and business associates. However, protective firewalls and electronic data security measures are not enough to avoid a potentially costly penalty or settlement amount in the event of a breach. In order …
Continue reading “Attempting To Avoid The High Cost Of A Reported HIPAA Breach”
Health System Paid $2.4 Million Settlement After Identification in a Press Release of a Patient Who Was Engaged in Fraud
By: Kimberly Ruppel The U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) announced a $2,400,000 settlement with Memorial Hermann Health System (“MHHS”) to resolve an investigation of an unauthorized disclosure of protected health information (“PHI”) as a potential violation of the Privacy Rule of the Health Insurance Portability and Accountability Act …
Wireless Healthcare Services Provider’s $2.5m Settlement Demonstrates Why Understanding HIPAA Requirements Is a Must
By: Sara Jodka The U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced a $2.5 million Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement with CardioNet, which is a company that provides remote mobile monitoring of and rapid response to patients at risk for cardiac arrhythmias. The settlement is based …
Settlement Highlights Need for HIPAA-Covered Entities to Have Business Associate Agreements in Place with PHI Vendors
By: Sara Jodka The Department of Health and Human Services’ Office for Civil Rights (ORC) announced an agreement to settle possible Health Insurance Portability and Accountability Act (HIPAA) violations with The Center for Children’s Digestive Health (CCDH). This settlement is worth noting is because it highlights the need for HIPAA-covered entities to obtain signed HIPAA-compliant …
$400,000 Settlement Highlights Need for Pre- and Post-Breach Safeguards
By: Sara Jodka The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced another Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement. This one is with Metro Community Provider Network (MCPN), a federally-qualified health center (FQHC) that provides primary medical care, dental care, pharmacies, social work, and behavioral …
Continue reading “$400,000 Settlement Highlights Need for Pre- and Post-Breach Safeguards”
Telecommuting Healthcare Employees Get Employers in HIPAA Compliance Hot Water
By: Sara Jodka As the healthcare industry has expanded to providing home healthcare services, more service providers are allowing their employees to work remotely, i.e., telecommuting. The flexibility for healthcare workers to work from anywhere with an Internet connection has some advantages, but it also has many dangerous disadvantages. One specific disadvantage in the healthcare …
Continue reading “Telecommuting Healthcare Employees Get Employers in HIPAA Compliance Hot Water”
HIPAA Compliance in the Telecommuting Age
Since this is the Information Age, it should come as no surprise that more employees are working remotely, i.e., telecommuting. The flexibility to work from anywhere allows employees to work offsite, including from home, public transportation system, airport, coffee shop, etc. While such flexibility certainly has its advantages, it also has its disadvantages. One specific …
Continue reading “HIPAA Compliance in the Telecommuting Age”
Restrictions on Fees Permitted Under HIPAA for Copies of Medical Records
By Timothy Cary When health care providers provide copies of medical records to an individual patient or to third parties at the direction of that individual patient, they are permitted under HIPAA to recover “a reasonable, cost-based fee.” Health care providers have generally determined this fee by relying on a schedule established by state statute, …
Continue reading “Restrictions on Fees Permitted Under HIPAA for Copies of Medical Records”
FTC Mobile Health Guidance
On April 5, 2016, the Federal Trade Commission (FTC) released new guidance for mobile apps directed towards providing health-related services and information. This guidance was developed with numerous other agencies, including the Office for Civil Rights (OCR), to assist app developers in complying with federal healthcare law. One of the paramount concerns with mobile apps …