Part 2 Proposed Rule Seeks to Reduce Barriers to Coordination of Care for Substance Use Disorders
In an effort to reduce barriers to coordination of care, the U.S. Department of Health and Human Services (“HHS”) is considering changes to Federal restrictions on the sharing of substance use disorder (“SUD”) records. The proposed changes would modify 42 C.F.R. Part 2 (“Part 2”) regulations that place restrictive conditions … Read More
OCR Reduces HIPAA Penalties and Clarifies Liability for Transferring ePHI to Third-Party Health Apps
New Annual HIPAA Penalty Tiers
Six months after imposing the largest ever HIPAA fine ($16 million) following a HIPAA data breach, the U.S. Department of Health & Human Services’ Office for Civil Rights (“OCR”) has announced that it is exercising its enforcement discretion to lower maximum annual HIPAA penalties.
First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement
On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. See Indiana v. Med. Informatics Eng’g, Inc., No. 3:18-cv-00969 (N.D. Ind. filed … Read More
Proposed Changes to Federal Health Privacy Regulations Now at OMB for Review
The Administration is preparing to release a Request for Information (“RFI”) on potential modifications to Health Insurance Portability and Accountability Act (HIPAA) rules. The draft RFI was recently submitted by the Department of Health and Human Services (“HHS”) to the White House’s Office of Management and Budget (“OMB”) for pre-release … Read More