By

Megan Svedman

27 August 2020

OCR 2020 Settlements Target HIPAA Security Rule Non-Compliance

In almost the first three quarters of 2020, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) has settled three cases related to alleged violations of the Health Insurance Portability and Accountability Act (“HIPAA”), totaling $1,165,000.  These settlements underscore OCR’s continued focus on enforcement of the HIPAA Security Rule.

(more…)

EmailShare
27 July 2020

SAMHSA Releases Final 42 CFR Part 2 Revised Rule

On July 13, the Department of Health and Human Services’ Substance Abuse and Mental Health Services (“SAMHSA”) announced final revisions to the Confidentiality of Substance Use Disorder Patient Records regulation codified at 42 CFR Part 2 (so-called “Part 2” regulations).  These regulations—which apply to certain information relating to patients being treated for substance use disorders (“SUDs”)—impose restrictions above and beyond those in the Health Insurance Portability and Accountability Act (“HIPAA”).  While the final rule does not fundamentally change the basic requirements of the Part 2 regulations, it relaxes some of the restrictions the regulations impose on holders of Part 2 information, in particular, to facilitate care coordination.

(more…)

EmailShare
05 May 2020

HHS Announces Exercise of Enforcement Discretion for Entities Engaged in COVID-19 Relief Efforts

Since COVID-19 was declared a pandemic, the U.S. Department of Health and Human Services (“HHS”) and its Office for Civil Rights (“OCR”) have taken a variety of steps to relax HIPAA restrictions particularly pertinent to the COVID-19 response.

First, as covered in an earlier posting, HHS took action to waive penalties and assure companies that it would exercise enforcement discretion with respect to the Privacy Rule’s application to telehealth services and certain limited communication activities related to COVID-19 treatment efforts. (more…)

EmailShare
XSLT Plugin by BMI Calculator