Tag Archives: healthcare privacy

My Health My Data: New Proposed Washington Law Aims to Protect Consumer Health Data

By Andreas Kaltsounis on April 5, 2023 Posted in Healthcare

Medical, medicine and Science. Molecular DNA model Structure and DNA sequencing. Analysis. Digital healthcare and network connection on hologram modern virtual screen interface, medical technology and network concept.

Since the U.S. Supreme Court’s Dobbs v. Jackson Women’s Health Organization decision, healthcare privacy has become a more urgent issue as states such as Missouri seek to limit women from obtaining abortions in other states. For example, certain period tracking apps could be used to penalize anyone seeking or considering an abortion. In an effort … Continue Reading

Latest FTC Health Privacy Case Sheds Light on Agency Health Privacy Approaches

By Aleksandra Vold and Daniel Kaufman on February 7, 2023 Posted in FTC

Health privacy has been a Federal Trade Commission (FTC) priority for decades, and indeed, one of its very first privacy cases, in the early 2000s, involved the inadvertent sharing of user health data. Fast-forward a few decades, and health privacy remains a major concern. Case in point: The latest FTC privacy enforcement action focuses on … Continue Reading

OCR Issues Alert Regarding Phishing Email Disguised as Official OCR Audit Communication

By Patrick H. Haggerty on November 29, 2016 Posted in HIPAA/HITECH, Medical Privacy

11/30/2016 Update: Today OCR issued another alert relating to the phishing email campaign and has shared that the phishing email originates from the email address OSOCRAudit@hhs-gov.us and directs individuals to a URL at http://www.hhs-gov.us. This is a subtle difference from the official email address for OCR’s HIPAA audit program, OSOCRAudit@hhs.gov. Covered entities and business associates … Continue Reading

Deeper Dive: The Changing Landscape of Healthcare Data Breaches

By Lynn Sessions on April 4, 2016 Posted in HIPAA/HITECH, Incident Response, Medical Privacy

For the second year in a row, the BakerHostetler Data Security Incident Response Report demonstrates that healthcare breaches continue to be the highest percentage of incidents that we handled in 2015. This year’s Report provides insights generated from the review of more than 300 incidents that our attorneys advised on in 2015. The report confirms … Continue Reading

OCR HIPAA Phase 2 Audits Coming Soon. Be Prepared.

By Paulette Thomas on November 24, 2015 Posted in HIPAA/HITECH, Medical Privacy

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced that the agency expects to begin Phase 2 Audits in early 2016. OCR intends to conduct desk audits and on-site audits of covered entities (CEs) and business associates (BAs), and has contracted with FCi Federal, Inc., to conduct the data … Continue Reading

Healthcare Privacy – 2013 Year in Review

By Lynn Sessions on January 2, 2014 Posted in HIPAA/HITECH, Medical Privacy

Authors: Lynn Sessions, Kimberly Wong, Cory Fox and Anne Foster. On January 25, 2013, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published the long-awaited HIPAA Omnibus Final Rule (Final Rule), which includes the most sweeping changes to HIPAA since the Privacy and Security Rules were released. Under the … Continue Reading

North Dakota Breach Notification Law – Personal Information Includes Health Information

By Kimberly M. Wong on September 29, 2013 Posted in Breach Notification, Data Breach Notification Laws, Data Breaches, HIPAA/HITECH, Medical Privacy, State Legislation

North Dakota has amended its Notice of Security Breach for Personal Information statute, North Dakota Century Code Section 51-30 et seq., to expand the definition of “personal information” to include “medical information” and health insurance information.” Pursuant to the amended statute, “medical information” includes any information regarding an individual’s medical history, mental or physical condition, … Continue Reading

Be Careful What You Wish For: The Final Rule Is Out

By BakerHostetler on January 23, 2013 Posted in HIPAA/HITECH, Medical Privacy

The long awaited HIPAA/HITECH final rule is out. Data Privacy Monitor contributors Theodore J. Kobus III and Lynn Sessions held a webinar that covered what stands out as big changes and how healthcare organizations need to prepare. Have the standards just been juggled or will healthcare organizations need to change their approach? View Webinar Recording. Ted and Lynn have helped … Continue Reading

What Covered Entities and Business Associates Need to Do to Prepare for the New HIPAA/HITECH Requirements (Part I)

By Theodore J. Kobus III on January 21, 2013 Posted in Breach Notification, Data Breach Notification Laws, Data Breaches, Enforcement, HIPAA/HITECH, Medical Privacy

The Department of Health and Human Services (HHS) issued, on January 17, 2013, its Final Omnibus Rule modifying the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules as well as the breach notification rules of the Health Information Technology for Economic and Clinical Health Act (“HITECH”). Our initial discussion can … Continue Reading