Tag Archives: “HIPAA Breach Notification”

HHS Announces More HIPAA Enforcement Actions

The beginning of 2017 has brought a number of HIPAA enforcement actions involving covered entities. These enforcement actions indicate that HHS is continuing recent efforts to step up HIPAA enforcement and levy significant penalties for non-compliance. In January, HHS announced that it had reached a $475,000 settlement with a large health care network for failure … Continue Reading

Significant HIPAA Fine Follows Business Associate’s Stolen iPhone

A new post over on Covington’s eHealth blog discusses a recent enforcement action taken by the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) against Catholic Health Care Services, a business associate under HIPAA, arising out of a stolen iPhone.  This recent enforcement action should put business associates … Continue Reading

WEDI Issues Guidance for Assessment of Potential Breaches under HIPAA

Recently, the Workgroup for Electronic Data Interchange (WEDI) published a Breach Risk Assessment Issue Brief for stakeholders to use in analyzing whether a breach of  protected health information (PHI) has occurred under the Health Insurance Portability and Accountability Act (HIPAA).  Background Under HIPAA’s breach notification rule, covered entities and business associates are required to notify … Continue Reading

HHS Announces $1.7 Million HIPAA Settlement With WellPoint

On July 11, the Department of Health and Human Services (HHS) announced that WellPoint, a managed care company, paid HHS $1.7 million to settle potential violations of the HIPAA Privacy and Security Rules.  Like other recent enforcement actions, HHS initiated its investigation into WellPoint after the company provided notification of a breach of unsecured protected … Continue Reading
LexBlog