Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Tag Archives: HIPAA; HITECH Act

The cost of HIPAA non-compliance – $17 million – UPDATE

Posted in Data Breach, Data Breach Notification, Data Compliance & Security, HIPAA/HITECH

Written by Kevin McGinty   If it wasn’t clear before, a recent settlement of HIPAA claims brought by the Department of Health and Human Services against BlueCross BlueShield of Tennessee (“BCBST”) underscores the high regulatory cost of non-compliance with privacy requirements.  HHS announced on March 13, 2012  that BCBST has agreed to pay $1.5 million… Continue Reading

HIPAA Audits Begin; Huge Medical Data Theft from California Provider

Posted in Data Breach, Data Breach Notification, HIPAA/HITECH

Our sister blog, Health Law & Policy Matters, includes a detailed discussion (warning?) relating to the commencement of HIPAA audits by the Office of Civil Rights.   That post can be found here, and it and the embedded links should be required reading for anyone involved with protected health information. Yesterday, we learned of a major… Continue Reading

The HIPAA Auditors Are Coming! The HIPAA Auditors Are Coming!

Posted in Uncategorized

It is time for covered entities and business associates to jump start HIPAA privacy and security programs and make sure that everything is in compliance.   GovInfoSecurity reports that the Department of Health and Human Services (HHS) has awarded a $9.2 million contract to KPMG to develop protocols for conducting the long-awaited HITECH Act-mandated HIPAA compliance audit… Continue Reading

University of California Pays Close to $1M to Settle Celebrity Health Record Snooping Complaint

Posted in Uncategorized

Written by Dianne Bourque and Cynthia Larose The University of California has paid $865,500 to the Office of Civil Rights (OCR) and agreed to a Corrective Action Plan to settle allegations that UCLA Health System (UCLAHS) employees repeatedly snooped in the electronic health records of celebrity patients.  The OCR’s investigation was prompted by two separate… Continue Reading

First Ever State-initiated HIPAA Enforcement Action Settled

Posted in Legislation

Written by Dianne Bourque Connecticut Attorney General Richard Blumenthal has settled the first state-initiated HIPAA enforcement action. The settlement totals $250,000 in statutory damages and Health Net’s agreement to implement a variety of measures to improve the security of consumer health and personal information. Health Net also agreed to provide two years of credit monitoring… Continue Reading

HHS (Finally!) Issues Proposed HIPAA Privacy & Security Rule Changes

Posted in Legislation

The long-awaited proposed changes to the HIPAA Privacy Rules have finally been released by the Department of Health and Human Services (HHS). A joint statement issued today by the HHS and the Office of Civil Rights (OCR) says that the proposed regulations “would expand individuals’ rights to access their information and restrict certain disclosures of… Continue Reading