News
OCR Settles Improper Disposal Case for $300,640

On August 23, 2022, the Office for Civil Rights (OCR) issued a press release announcing that it had settled with New England Dermatology, P.C. (NED) for $300,640 “over the improper disposal...

Read more
News
Binary Check Ad Blocker Security News
OCR Settles Eleven More Cases Under Right of Access Initiative

Making quite the statement on July 15, 2022, the Office for Civil Rights (OCR) announced in a press release that it had recently settled an additional 11 cases under its Right...

Read more
News
Data Breach Class Action Against Radiology Companies Dismissed for Lack of Standing

Last week, New York federal judge Vincent L. Bricetti dismissed a data breach class action against Northeast Radiology PC (Northeast) and Alliance HealthCare Services (Alliance) because the plaintiffs failed to allege...

Read more
News
Okta Notifies Customers of LAPSUS$ Attack

Okta, which markets itself as a “leading provider of identity” in the health care, public sector, energy, financial services, technology, travel and hospitality, and nonprofit industries, has notified some of its...

Read more
News
Privacy Tip #324 – What Happens to My Health Information When a Hospital Goes Out of Business?

In general, both state and federal laws apply to health information or protected health information that is in the possession of hospitals, health systems, and medical providers. HIPAA requires that covered...

Read more
News
Reporting of Breaches Under 500 Due by March 1

HIPAA requires covered entities and business associates to report to the Office for Civil Rights (OCR) all breaches of unsecured protected health information when the incident involves fewer than 500 individuals...

Read more
News
Mobile Health Apps and the FTC’s Health Breach Notification Rule: New Enforcement Initiative Coming

Mobile health apps are growing in popularity and their number is increasing every year. Many of us find it convenient to use an app to schedule medical appointments, check medical records,...

Read more
News
New Jersey Settles with Cancer Center Over Business Email Compromise

One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the Office for Civil Rights and State AGs have jurisdiction to assess...

Read more
News
No Private Right of Action under HIPAA, but State Law Claims May Still be Asserted

A federal district court in Montana has confirmed that HIPAA precludes a private right of action for patients to claim an unauthorized access, use, or disclosure of protected health information.  Nonetheless,...

Read more
News
OCR Cybersecurity Newsletter Focuses on Controlling Access to ePHI

The Office of Civil Rights (OCR) of the U.S. Department of Health & Human Services recently issued its Summer 2021 Cybersecurity Newsletter, which focuses on controlling access to electronic personal health...

Read more