With less than two days left in 2019, the Department of Health and Human Services’ Office for Civil Rights announced that a small, rural Georgia ambulance provider agreed to pay $65,000 to settle claims of multiple HIPAA Security Rule violations.
Author Archives: Dena M. Castricone, CIPP/US, CIPM
Earlier this year, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced a Right of Access Enforcement Initiative, which would focus on ensuring that patients were getting timely access to their records without being overcharged. Prior to this announcement, enforcement actions against providers for denying a patient the proper right of access were rare. Since announcing the initiative, OCR has swiftly pursued claims resulting in two settlements within months of each other.
As part of the budget bill, Connecticut passed a law that more comprehensively addresses data security and is similar to the model law for insurance data security from the National Association of Insurance Commissioners. The law took effect on October 1, 2019.