The new Federal Communications Commission (FCC) Privacy and Data Security Rule for broadband internet access service (BIAS) providers (Privacy Rule) was set to start phased implementation on March 2, 2017. We have previously detailed what the Privacy Rule would require and when in prior blog posts available here and here. However, on March 1, 2017, … Continue Reading
While OCR enforcement activity has focused on a covered entity’s safeguarding of ePHI, organizations cannot forget about PHI in non-electronic form. To settle potential violations of the HIPAA Privacy Rule, Parkview Health System, Inc. (“Parkview”), a nonprofit healthcare system providing community-based healthcare services to individuals in northeast Indiana and northwest Ohio, entered into a resolution … Continue Reading
Under the Privacy Rule, an individual has the right to adequate notice of how a covered entity may use and disclose PHI about the individual, as well as his/her rights and the covered entity’s obligations with respect to that information. Thus, a covered entity must develop and provide to individuals with a Notice of Privacy … Continue Reading
The Department of Health and Human Services Office for Civil Rights (HHS OCR) today announced its 4th resolution agreement of 2013. Affinity Health Plan, Inc., a not-for-profit managed care plan serving the New York metropolitan area, has agreed to settle potential violations of the HIPAA Privacy and Security Rules for $1,215,780. The resolution agreement relates … Continue Reading
Posted in Online Privacy
