Late Breach Notification Leads to Half a Million Dollar HIPAA Settlement

Failure by a covered entity to timely report a breach of protected health information (PHI) resulted in the first of its kind settlement in the amount of $475,000.

Continue reading »

OIG Finds OCR and Billing for Ambulance Services Needs Improvement

In a series of recent reports, the Office of Inspector General (OIG) noted a number of deficiencies and made a number of recommendations to improve and strengthen oversight of the HIPAA Privacy Standards and reduce the amount of inappropriate transportation billing.

Continue reading »

Another HIPAA Settlement With a Pharmacy for $125,000

The Office of the Civil Rights (OCR) within the US Department of Health and Human Services recebtly settled a HIPAA violation case with a single location compounding pharmacy in Denver, Colorado. This is yet another HIPAA settlement underscoring the importance of properly implementing and maintaining a compliance plan.

Continue reading »

Lessons From a Major Settlement Over PHI Disposal

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) reached a major settlement with a non-profit covered entity (CE) resolving allegations of violation of the HIPAA Privacy Rule for allegedly failing to appropriately and reasonably safeguard protected health information.

Continue reading »

Who is a Business Associate under HIPAA?

Last year’s passing of the new HIPAA requirements signaled the government’s concern that individually identifiable health information needs stronger protection beyond the borders of the healthcare industry. HIPAA already recognized this need by imposing obligations on covered entities and their business associates in prior versions of the rule. In the latest rule update, however, the US Department of Health and Human Services, among other things, expanded the definition and responsibilities of business associates and now made them directly liable for HIPAA noncompliance.

Continue reading »

OCR Announces Delay In Lab Enforcement Action

The Office of the Civil Rights (OCR) of the Department of Health and Human Services announced recently that it will delay enforcement of a new requirement that certain HIPAA covered laboratories revise their notice of privacy practices to comply with changes made by the Omnibus Rule until further notice.

Continue reading »

Why Medical Leases Are Different From Typical Commercial Leases

Medical space leasing requires more consideration and deeper analysis than typical commercial leases. Various federal and state laws regulate financial relationships of medical providers which in turn dictate the terms of a lease.

Continue reading »