Tag Archives: HIPAA

HIPAA Violation Settlement for Failure to Establish Breach Notification Policies and Procedures

A Massachusetts dermatology practice, APDerm, has agree to make a $150,000 payment and enter into a corrective action plan with the U.S. Department of Health and Human Services’ Office for Civil Rights in order to settle potential violations of HIPAA … Continue reading

Leave a Comment

WellPoint Pays $1.7 Million to Resolve Alleged HIPAA Violations

The managed care company WellPoint Inc. has reached a Resolution Agreement with the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) to settle allegations that it violated the Health Insurance Portability and Accountability Act of 1996 … Continue reading

Leave a Comment

HIPAA Final Rule Posted

This afternoon, the Department of Health and Human Services posted a long-awaited, 563-page omnibus final rule under HIPAA, which will be published in the Federal Register on January 25, 2013, and which makes a variety of modifications to HIPAA’s Privacy, Security, Breach … Continue reading

Leave a Comment

HIPAA Enforcement for Breach Involving Less than 500 Patients

The U.S. Department of Health and Human Services (HHS) initiated a compliance investigation after the Hospice of North Idaho (HONI) reported to HHS that an unencrypted laptop computer containing the electronic protected health information (ePHI) of 441 patients had been … Continue reading

Leave a Comment

The danger of unencrypted protected health information: 55,000 patients’ PHI exposed.

An Indianapolis oncology group has disclosed that data concerning about 55,000 patients was stored on a stolen laptop computer.  A backup copy of the Cancer Care Group’s server was stored on the computer, which was stolen from a locked car.  … Continue reading

Leave a Comment

When HIPAA Investigations Broaden To Scrutinize Unrelated Business Practices: The Settlement between the State of Minnesota and Accretive Health

Prosecutions involving breaches of protected health information under the Health Insurance Portability and Accountability Act (“HIPAA”) are becoming more frequent; we have noted recent civil settlements involving providers in Massachusetts and Alaska, as well as a criminal prosecution in California.  … Continue reading

1 Comment

Alaska Department of Health and Social Services Pays $1.7 Million to Settle HIPAA Security Rule Matter

Today, the Office of Civil Rights (“OCR”) of the Department of Health and Human Services (“HHS”) announced that the Alaska Department of Health and Social Services (Alaska DHSS), which is that state’s Medicaid agency, has agreed to pay $1.7 million to … Continue reading

1 Comment

HIPAA: Conversion to Version 5010

As of January 1, 2012, all healthcare providers were required to transition from version 4010/4010A to version 5010 standards for submitting electronic transactions, and the failure to comply may result in claim denials or a government investigation. CMS has repeatedly … Continue reading

Leave a Comment

Hospital Settles Data Breach Allegations with Massachusetts Attorney General

Late last month, the Massachusetts Attorney General, Martha Coakley, announced that her office had reached a settlement with South Shore Hospital regarding  alleged violations of the Massachusetts Consumer Protection Act and the Health Insurance Portability and Accountability Act (“HIPAA”) stemming from … Continue reading

2 Comments

Ninth Circuit on HIPAA Criminal Liability: No Knowledge Requirement

On May 10, 2012, the United States Court of Appeals for the Ninth Circuit issued its opinion in United States v. Zhou, No. 10-50231 (9th Cir. May 10, 2012), and held that the criminal misdemeanor provision of the Health Insurance … Continue reading

1 Comment