DHHS announced waivers of various compliance requirements for providers to ease administrative and operational burdens during this pandemic. I think the theme here is that providers just need to do the best that they can during these challenging times. Those that prioritize patient care, act reasonably and in good faith and do not commit fraud or abuse will be spared from enforcement actions.
Yesterday, the Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator of Health Information Technology (ONC) released their long-awaited final rules on interoperability and information blocking.
Lessons from the first enforcement action of 2020: (1) No covered entity is immune from HIPAA enforcement. (2) Craft factual breach reports that leave no unanswered questions and do not unnecessarily grab OCR’s attention.
Consider the following: “It’s time to eat, Grandma!” versus “It’s time to eat Grandma!” Punctuation saves lives. It also potentially saved AT&T and Hilton many millions of dollars in two Telephone Consumer Protection Act suits.
A relatively new kind of ransomware is targeting law firms and publicly shaming them into paying the ransom or risk having the firm’s data dumped on the internet. In other ransomware news, instead of money, some hackers are demanding photos of women’s body parts.
Career day. Second grade. In my brown, corduroy blazer and matching briefcase (don’t judge – it was the early ‘80s), I was surrounded by football players and ballerinas.
The proposed modifications provide much-needed clarity to covered businesses in advance of the enforcement deadline and show that the AG seriously considered the comments and feedback it received. This post offers a very brief summary of some of the notable changes.
Just over a week ago, a federal district court invalidated part of HHS’s 2016 guidance on the fees a covered entity can charge for patient records. The court found that HHS exceeded its authority when it declared that only a limited fee could be charged for records sent to a third party at a patient’s direction.
Yesterday afternoon, Facebook announced its settlement of a biometric privacy class action for $550 million, the largest privacy class action settlement to date.
It appears that the 2019 HIPAA enforcement year is over with a lot less fanfare (and cash) than last year but it did provide important insights into enforcement trends. *Distributed by Law360 on January 22, 2020 and included in its Health Law and Cybersecurity and Privacy Law. newsletters.