Month:

March 2017

HIPAA Punctuality: Always Insist On It In Your Subordinates

In an unprecedented act, the Office for Civil Rights (OCR) entered into a settlement agreement with Presence Health Network based on the healthcare system’s failure to timely report a breach of unsecured protected health information (PHI). Under the Breach Notification Rule of the Health Insurance Portability and Accountability Act (HIPAA) a covered entity must notify affected individuals, the Department of Health and Human Services (HHS), and the media for breaches affecting 500 people or more. Presence Health will pay $475,000 and implement a corrective action plan (CAP) to address misunderstandings in workforce member roles and responsibilities relating to the notification process.

OCR Audits Subject To Phishing Hack

Christine Bulgozdi Associate Editor Loyola University Chicago School of Law, JD 2018   Back in November, the Department of Human Services (HHS) Office of Civil Rights (OCR) released an alert stating that a phishing scam masquerading as an OCR Audit had been spotted being sent out to Health Information Portability and Accountability Act (HIPAA) covered …
Read more

State Legislature Proposes New Bill to Ensure Athlete Safety

Meghan Murphy Associate Editor Loyola University Chicago School of Law, JD 2018   In January 2017, Connecticut joined the list of states seeking to implement new safety protections for their student-athletes by proposing a new bill, No. 6870, establishing an athletic protection commission.  While the law might be appealing on paper, both the NCAA and …
Read more

When Policies and Procedures Are Just Not Enough: Memorial Healthcare System Settlement

Alexander Thompson Associate Editor Loyola University Chicago School of Law, JD 2018   On February 16, 2017, the HHS Office of Civil Rights Acting Director, Robinsue Frohboese, announced the second largest HIPAA settlement fine ever. At $5.50 million, Memorial Healthcare System’s fine was just behind the $5.55 million given to Advocate Healthcare in 2016. Memorial …
Read more

Curing the Risk of Improper Social Media Use Amongst Health Care Professionals

Mary H. Carlson Associate Editor Loyola University Chicago School of Law, JD 2018   Social media has emerged as a preferred platform for the expression of personal opinions, a means of gathering new information, and as an important networking tool. However, health care profs subject themselves to particular dangers health care professionals (HCPs) subject themselves …
Read more

Protected Health Information: Has it been Compromised?

Ryan Whitney Managing Editor Loyola University Chicago School of Law, JD 2017   HIPAA breaches occur on a daily basis. Although undesirable, many of these breaches are not serious enough to require patient notification. But others are more egregious and can cause harm to both the patient and the providing entity. This article outlines a …
Read more

The Baxter Settlement and its Implications for FCA Liability

Kaitlin Lavin Executive Editor Loyola University Chicago School of Law, JD 2017   In January, Baxter Healthcare Corporation (“Baxter”) agreed to pay $18,158 million after the Department of Justice (DOJ) brought suit for violating the Food, Drug, and Cosmetic Act (FCDA) and the False Claims Act (FCA). The Baxter case is unique because it was …
Read more

New York Law Could Shake Up Compliance Departments

Gilbert Carrillo Executive Editor Loyola University Chicago School of Law, JD 2017   The state of New York is in the process of implementing a new rule requiring some financial U.S. and foreign institutions, with New York offices, to prove that their transaction monitoring and sanctions filtering programs for catching criminal activity do in fact …
Read more

Joint Guidance Confirms the Sharing of Health Information Subject to FTC Regulations, Not Only HIPAA

Logan Parker Privacy Editor Loyola University Chicago School of Law, LL.M. in Health Law 2017   On October 22, 2016, the Federal Trade Commission (“FTC”) in collaboration and conjunction with the Department of Health and Human Services’ Office for Civil Rights (“OCR”) released new guidance on key privacy and security considerations for organizations handling health …
Read more