Category:Privacy & Security
OCR Audits Subject To Phishing Hack
Christine Bulgozdi Associate Editor Loyola University Chicago School of Law, JD 2018 Back in November, the Department of Human Services (HHS) Office of Civil Rights (OCR) released an alert stating that a phishing scam masquerading as an OCR Audit had been spotted being sent out to Health Information Portability and Accountability Act (HIPAA) covered …
Read more
When Policies and Procedures Are Just Not Enough: Memorial Healthcare System Settlement
Alexander Thompson Associate Editor Loyola University Chicago School of Law, JD 2018 On February 16, 2017, the HHS Office of Civil Rights Acting Director, Robinsue Frohboese, announced the second largest HIPAA settlement fine ever. At $5.50 million, Memorial Healthcare System’s fine was just behind the $5.55 million given to Advocate Healthcare in 2016. Memorial …
Read more
Curing the Risk of Improper Social Media Use Amongst Health Care Professionals
Mary H. Carlson Associate Editor Loyola University Chicago School of Law, JD 2018 Social media has emerged as a preferred platform for the expression of personal opinions, a means of gathering new information, and as an important networking tool. However, health care profs subject themselves to particular dangers health care professionals (HCPs) subject themselves …
Read more
Protected Health Information: Has it been Compromised?
Ryan Whitney Managing Editor Loyola University Chicago School of Law, JD 2017 HIPAA breaches occur on a daily basis. Although undesirable, many of these breaches are not serious enough to require patient notification. But others are more egregious and can cause harm to both the patient and the providing entity. This article outlines a …
Read more
Joint Guidance Confirms the Sharing of Health Information Subject to FTC Regulations, Not Only HIPAA
Logan Parker Privacy Editor Loyola University Chicago School of Law, LL.M. in Health Law 2017 On October 22, 2016, the Federal Trade Commission (“FTC”) in collaboration and conjunction with the Department of Health and Human Services’ Office for Civil Rights (“OCR”) released new guidance on key privacy and security considerations for organizations handling health …
Read more
Compliance Spotlight: Adam Solander, Epstein Becker Green
ADAM C. SOLANDER is a Member of Epstein Becker Green’s Health Care and Life Sciences practice, in the firm’s D.C. office. Mr. Solander advises clients on data breach/cybersecurity issues across industry lines, including compliance with HITECH, HIPAA, PCI, JCAHO, CMS, ISO, NIST, and various other federal, state, and business requirements.
The following is an interview with him discussing the unique cybersecurity challenges facing the healthcare sector, and how the industry can move past HIPAA compliance to a more robust definition of privacy and security.
HHS Finalizes Substance Abuse Patient Record Sharing Rule
Fannie Fang Executive Editor Loyola University Chicago School of Law, JD 2017 On January 18, 2017, the Department of Health and Human Services (“HHS”) issued a final rule to update and improve the Confidentiality of Alcohol and Drug Abuse Patient Records regulations, known as 42 CFR Part 2 (“Part 2”). The purpose of the …
Read more
Advocate Settles with OCR for $5.55 Million, Officially the Highest Single HIPAA Violation Settlement to Date
Fannie Fang Executive Editor Loyola University Chicago School of Law, JD 2017 The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently agreed to a settlement with Advocate Health Care Network (Advocate), the largest health systems in the Chicago area. In the settlement, Advocate agreed to pay a sum of …
Read more
Legislation Involving Disclosure of Data Breaches
Gilbert Carrillo Executive Editor Loyola University Chicago School of Law, JD 2017 Yahoo is just the latest company to have a major cyber security data breach. What is more troubling is how this data breach occurred about 2 years ago and only just now the public is being told about the incident. Was Yahoo …
Read more
HIPAA Vulnerabilities Highlighted in Oregon Health & Science University Settlement
Logan Parker Privacy Editor Loyola University Chicago School of Law, LL.M in Health Law 2017 In 2013, Oregon Health & Science University (“OHSU”), Oregon’s only academic health center, reported numerous breaches of unsecured electronic protected health information (“ePHI”), including two breaches within the span of five months. This led to the Office of Civil …
Read more