Late Breach Notification Leads to Half a Million Dollar HIPAA Settlement

Failure by a covered entity to timely report a breach of protected health information (PHI) resulted in the first of its kind settlement in the amount of $475,000.

Continue reading »

Section 1557 – ACA’s New Non-Discrimination Final Rule

The Office of Civil Rights (OCR) within the U.S. Department of Health and Human Services, recently issued a Non-discrimination in Health Care Programs and Activities rule. This final rule implements Section 1557 of the Patient Protection and Affordable Care Act (ACA). Section 1557 builds on existing civil rights laws and prohibits discrimination on the basis of race, color, national origin, sex, age, or disability in certain health programs and activities and applies broadly to many providers and suppliers.

Continue reading »

OIG Finds OCR and Billing for Ambulance Services Needs Improvement

In a series of recent reports, the Office of Inspector General (OIG) noted a number of deficiencies and made a number of recommendations to improve and strengthen oversight of the HIPAA Privacy Standards and reduce the amount of inappropriate transportation billing.

Continue reading »

Another HIPAA Settlement With a Pharmacy for $125,000

The Office of the Civil Rights (OCR) within the US Department of Health and Human Services recebtly settled a HIPAA violation case with a single location compounding pharmacy in Denver, Colorado. This is yet another HIPAA settlement underscoring the importance of properly implementing and maintaining a compliance plan.

Continue reading »

Lessons From a Major Settlement Over PHI Disposal

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) reached a major settlement with a non-profit covered entity (CE) resolving allegations of violation of the HIPAA Privacy Rule for allegedly failing to appropriately and reasonably safeguard protected health information.

Continue reading »

OCR Announces Delay In Lab Enforcement Action

The Office of the Civil Rights (OCR) of the Department of Health and Human Services announced recently that it will delay enforcement of a new requirement that certain HIPAA covered laboratories revise their notice of privacy practices to comply with changes made by the Omnibus Rule until further notice.

Continue reading »