Connecticut’s New Law Protecting Reproductive Information and How it Works with HIPAA

Effective July 1, 2022, Connecticut’s Reproductive Freedom Act (PA 22-19) expands access to abortion, enhances protections for reproductive healthcare records and provides protections to abortion providers and patients receiving abortion care in the state. Connecticut was the first state to pass such legislation after news of the Dobbs decision leaked.  Massachusetts and California followed suit.  This […]

Dentists Continue to be a HIPAA Enforcement Target and Right of Access Remains the Focus

Today, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced three more HIPAA Right of Access enforcement resolutions – all against dentists.  And the story is largely the same:  patients requested records and did not timely or properly receive those records.  In one instance, the dental practice significantly overcharged for records. […]

Tossing PHI in The Trash Can be an Expensive Mistake

Last week, the Office for Civil Rights (OCR) reminded us of the importance of the basics when it comes to protecting patient information.  On August 23rd, it announced a HIPAA enforcement action involving tangible protected health information (PHI) that a practice tossed out with the rest of the trash. For over a decade, PHI in […]

A Proposed Federal Privacy Law that Could End the CTDPA Before it Starts

Protecting personal information is important to all Americans.  In the absence of a comprehensive federal privacy law (the US is one of the few remaining countries without one), states are stepping up.  Five states have adopted comprehensive privacy legislation: California, Colorado, Connecticut, Virginia and Utah. And more than half of the country’s state legislatures have […]

Providers of Care and Defenders of Privacy: Strategies to Protect Patient Privacy After the Reversal of Roe v. Wade

Healthcare providers carry a heavy load and it just got heavier.  In the wake of the reversal of Roe v. Wade and the prohibition and criminalization of abortion in some states, healthcare providers are now burdened with being more vigilant than ever in defending patients’ privacy rights. This is true in all states, even where […]

OCR Awoke from its HIPAA Enforcement Slumber Last Week

If you asked me Friday morning of last week to give you my impression of HIPAA enforcement so far in 2022, I would have said “slow.”  Up to that point, OCR had announced only four enforcement actions and all on the same day in March (see Three Dentists and a Psychiatrist Walk into a Bar:  […]

OCR Issues Guidance on Audio-Only Telehealth

Today, the Department of Health and Human Services’ Office for Civil Rights (OCR) issued guidance on HIPAA requirements as they relate to audio-only telehealth.  Importantly, for the first time, OCR provides insights on its position on the difference between landline and VoIP telecommunication services.  OCR’s guidance applies now and after its telehealth enforcement discretion is […]

Business Associates: Excelling in HIPAA Compliance is Good for Business

Operational challenges abound in the healthcare industry.  This creates opportunities for technology companies, consultants and others to offer supportive services and innovative solutions.  Many of those supporting organizations will qualify as business associates under the Health Insurance Portability and Accountability Act (HIPAA). In this post, we explore what it means to be a business associate, […]

Subpoena Response that Violated HIPAA Costs a CT Healthcare Provider $853,000

Healthcare providers regularly receive subpoenas for medical records.  All too often, providers simply turn over the subpoenaed records without ensuring that the disclosure is permitted by law.  A recent Connecticut appeals court decision, Byrne v. Avery Center for Obstetrics and Gynecology, P.C., upheld a jury award of $853,000 for a healthcare provider’s improper medical record […]

DMC Law’s HIPAA Helpline Virtual Discussion Group

Every couple of months, DMC Law invites healthcare professionals who regularly grapple with privacy issues to gather (remotely) and discuss those issues.  The HIPAA Helpline is not a webinar.  It’s an interactive session.  DMC Law’s lawyers, Dena Castricone and Tracy Guarnieri, review legal requirements while participants share stories, questions and best practices.  The goal of […]