Tag Archives: healthcare privacy

OCR Issues Alert Regarding Phishing Email Disguised as Official OCR Audit Communication

11/30/2016 Update: Today OCR issued another alert relating to the phishing email campaign and has shared that the phishing email originates from the email address OSOCRAudit@hhs-gov.us and directs individuals to a URL at http://www.hhs-gov.us. This is a subtle difference from the official email address for OCR’s HIPAA audit program, OSOCRAudit@hhs.gov. Covered entities and business associates … Continue Reading

Deeper Dive: The Changing Landscape of Healthcare Data Breaches

For the second year in a row, the BakerHostetler Data Security Incident Response Report demonstrates that healthcare breaches continue to be the highest percentage of incidents that we handled in 2015. This year’s Report provides insights generated from the review of more than 300 incidents that our attorneys advised on in 2015. The report confirms … Continue Reading

North Dakota Breach Notification Law – Personal Information Includes Health Information

North Dakota has amended its Notice of Security Breach for Personal Information statute, North Dakota Century Code Section 51-30 et seq., to expand the definition of  “personal information” to include “medical information” and health insurance information.”  Pursuant to the amended statute, “medical information” includes any information regarding an individual’s medical history, mental or physical condition, … Continue Reading

Be Careful What You Wish For: The Final Rule Is Out

The long awaited HIPAA/HITECH final rule is out. Data Privacy Monitor contributors Theodore J. Kobus III and Lynn Sessions held a webinar that covered what stands out as big changes and how healthcare organizations need to prepare. Have the standards just been juggled or will healthcare organizations need to change their approach? View Webinar Recording.  Ted and Lynn have helped … Continue Reading

What Covered Entities and Business Associates Need to Do to Prepare for the New HIPAA/HITECH Requirements (Part I)

The Department of Health and Human Services (HHS) issued, on January 17, 2013, its Final Omnibus Rule modifying the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules as well as the breach notification rules of the Health Information Technology for Economic and Clinical Health Act (“HITECH”).  Our initial discussion can … Continue Reading
LexBlog