On May 18, 2023, the day after the Federal Trade Commission (FTC) announced only its second enforcement action under the Health Breach Notification Rule (HBNR) in 13 years, it released proposed changes to “strengthen and modernize” the rule. Those proposed changes will substantially expand the scope of the HBNR. Congress, however, never intended that the […]
Category Archives: Health Privacy
Earlier this year, we learned that the U.S. Department of Health & Human Services’ (HHS) Office for Civil Rights (OCR) would propose changes to HIPAA to protect reproductive health information in the wake of the 2022 Dobbs v. Jackson Women’s Health Organization decision. Since learning about the impending proposal, many of us speculated on OCR’s […]
Written in collaboration with Melissa Chaplik, JD Candidate 2024 The COVID-19 Public Health Emergency (PHE) is ending on May 11, 2023, and so are HIPAA compliance flexibilities for telehealth. Here’s to hoping that the first two episodes of Telehealth, Privacy and The Three Little Pigs inspired action. In the first episode, I warned: Telehealth is […]
No one likes receiving negative reviews on Yelp. But healthcare providers need to exercise better restraint than a dentist who will pay $23,000 to the Department of Health and Human Services’ Office for Civil Rights (OCR) to settle claims that his responsive posts violated HIPAA. OCR received a complaint that New Vision Dental (NVD) continuously […]
(Revised 1/6/2023; 1/23/2023; 2/11/2023; 3/27/2023; 4/20/2023 – The CT HIE, known as Connie, is new and many aspects of its operations are still in flux. Further, the information I provide is only as good as the information I receive. As I gather new information that contradicts or clarifies old information, I will update this article.) […]
On November 28, 2022, the Department of Health and Human Services (HHS) issued proposed changes to regulations implementing amendments Congress made in 2020 to the confidentiality of substance use disorder (SUD) records law. These long-awaited (and overdue) proposals paint an important picture of things to come, especially with respect to enforcement. Below are three key […]
Effective July 1, 2022, Connecticut’s Reproductive Freedom Act (PA 22-19) expands access to abortion, enhances protections for reproductive healthcare records and provides protections to abortion providers and patients receiving abortion care in the state. Connecticut was the first state to pass such legislation after news of the Dobbs decision leaked. Massachusetts and California followed suit. This […]
Today, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced three more HIPAA Right of Access enforcement resolutions – all against dentists. And the story is largely the same: patients requested records and did not timely or properly receive those records. In one instance, the dental practice significantly overcharged for records. […]
Last week, the Office for Civil Rights (OCR) reminded us of the importance of the basics when it comes to protecting patient information. On August 23rd, it announced a HIPAA enforcement action involving tangible protected health information (PHI) that a practice tossed out with the rest of the trash. For over a decade, PHI in […]
Healthcare providers carry a heavy load and it just got heavier. In the wake of the reversal of Roe v. Wade and the prohibition and criminalization of abortion in some states, healthcare providers are now burdened with being more vigilant than ever in defending patients’ privacy rights. This is true in all states, even where […]