Tag Archives: HIPAA

Are You a “Hybrid Entity” under the Health Insurance Portability and Accountability Act of 1996? The $4,348,000 Question

A single, multidisciplinary entity, like a university, may include certain departments that use PHI, and other departments that do not. Such institutions are eligible to (and should) self-identify as “hybrid entities” to better manage HIPAA compliance risk. The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic … Continue Reading

A $31,000 Mistake: Failing To Manage Business Associate Agreements Proves Costly For Providers

The Center for Children’s Digestive Health (CCDH), a small, for-profit pediatric subspecialty practice that operates seven clinics in the Chicago area, has paid the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) $31,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).… Continue Reading

Do Routine Calls by Health Plans to Patients and Health Plan Members Constitute “Telemarketing” Under the Telephone Consumer Protection Act? Not Today!

Covered entities have a long list of laws and regulations governing their conduct, including their communications with patients, customers, and members.  Specifically, the Health Insurance Portability and Accountability Act (“HIPAA”) permits many such communications, including those about health care products and services, but precludes certain “marketing” communications absent written consent.  Recently, however, healthcare providers and … Continue Reading

WellPoint, Inc. Reaches $1.7 Million Dollar HIPAA Settlement Continuing the 2012 Trend of Heavy Fines

On July 11, 2013, the U.S. Department of Health and Human Services (HHS) announced that it had reached a $1.7 million dollar resolution agreement with insurer WellPoint Inc., following a security breach that left the personal information of 612,402 individuals exposed and available to unauthorized computer users. Between October 23, 2009, and March 7, 2010, … Continue Reading

HIPAA Statutory Changes Require Action Now by Providers, Plans and Their Business Associates

By Maureen Corcoran Sweeping changes to the obligations of providers, health plans and their service providers ("business associates") under HIPAA privacy and security rules were included in the American Recovery and Reinvestment Act of 2009. Previously only health plans and providers were covered under HIPAA and subject to the criminal and civil monetary penalties. Effective … Continue Reading
LexBlog

By scrolling this page, clicking a link or continuing to browse our website, you consent to our use of cookies as described in our Cookie and Advertising Policy. If you do not wish to accept cookies from our website, or would like to stop cookies being stored on your device in the future, you can find out more and adjust your preferences here.

Agree