Articles Tagged With: HIPAA
-
States Passing New Restrictions on Health Data Sharing
There is a rapidly expanding wave of state consumer-health-privacy laws reshaping how retailers, wellness brands, e-commerce companies, and digital platforms must handle data that can reveal or infer a person’s health status. These laws reach far beyond HIPAA and apply even when a business provides no medical services.
-
Patient Photos in Marketing Materials Pose HIPAA Risks
The Office of Civil Rights (OCR) recently announced a settlement with five healthcare providers in a case that illustrates the dangers of using patient photos in marketing materials. HIPAA violations are possible even when the patient photos seem innocuous and do not reveal medical information.
-
Spouse and Family Access to PHI Often Disputed
As long as HIPAA has been around, one of the most contentious issues has been whether spouses, partners, other family, or friends can receive information about a patient — or whether non-healthcare entities can discuss someone’s health. Healthcare providers often misinterpret HIPAA requirements in this area, either being overly restrictive or releasing protected health information improperly.
-
Ethical Concerns Raised by Surprising New Data on the Effect of the Revised Common Rule
The revised Common Rule (the U.S. Basic Federal Policy for Protection of Human Research Subjects) was implemented in 2019 to enhance protections for human research subjects. Min-Fu Tsan, MD, PhD, wanted to know how well the revised Rule has achieved its stated goals.
-
HIPAA Resuming Audits; Know What to Expect
The Office of Civil Rights recently resumed audits for HIPAA compliance, meaning some covered entities will be visited for a thorough check that could have serious ramifications. Knowing what to expect can reduce the risk and stress.
-
Manage Third-Party Vendor Relationships Carefully
Third-party vendors pose a significant risk to a healthcare organization’s HIPAA compliance program, but those risks can be mitigated by diligently following best practices.
-
OCR Imposes $1.5 Million Civil Monetary Penalty
The Office of Civil Rights recently announced a $1.5 million civil money penalty (CMP) for HIPAA violations against Warby Parker, the online retailer of prescription and non-prescription eyewear. The case highlights the need for a prompt and effective response after a breach.
-
HHS Proposal Attempts to Boost Tech Improvements for HIPAA
Health and Human Services recently issued proposed updates to the HIPAA Security Rule to address continuing cybersecurity threats in healthcare, urging covered entities to keep up with the bad guys by adopting the most up-to-date technology.
-
HHS Drops Appeal on Website Tracking, but Some of Rule Still Applies
Health and Human Services (HHS) recently announced that it will not appeal its unfavorable court decision in American Hospital Association v. Becerra, in which the American Hospital Association and other groups sued HHS to bar enforcement of a new rule adopted in guidance by the Office for Civil Rights titled “Use of Online Tracking Technologies by HIPAA-Covered Entities and Business Associates.”
-
Computer Disposal Not Simple When PHI Involved
Disposing of an old, unneeded computer usually is as easy as chucking it in the dumpster out back or giving it away to charity. But not when it might contain protected health information.