Posted In:
Business Transactions & Corporate Counseling, Cybersecurity & Data Privacy and Health Care
Industries:
Technology and Health Care
Compliance Checkup & Corporate TIPS: Fifth Circuit Shines a Light on HIPAA "Encryption" and "Disclosure" Rules in M.D. Anderson Decision
By Laura F. Fryan on May 11, 2021
Earlier this year, the Fifth Circuit Court of Appeals handed down a decision vacating a $4.3 million penalty imposed on University of Texas's MD Anderson Cancer Center by the U.S. Department of Human Services (HHS) for self-reported HIPAA violations, including violations of the Encryption and Disclosure Rules....
Posted In:
Business Transactions & Corporate Counseling, Cybersecurity & Data Privacy and Health Care
Industry:
Health Care
Corporate TIPS and Compliance Checkup: Privacy Law Concerns with Virus Vaccine Tracking
By Jarman J. Smith on March 31, 2021
Attorney Jarman Smith discusses current privacy law concerns as COVID-19 vaccines are introduced. With emerging efforts to monitor those who have been vaccinated, many companies in the U.S. are struggling to determine how to handle and retain such sensitive health information of their employees or even customers....
Posted In:
Health Care
Industries:
Technology and Health Care
Compliance Checkup & Corporate TIPS: OCR Agrees to $1.5 Million Settlement with Orthopedic Clinic for HIPAA Breach
By Nicole M. Thorn on September 30, 2020
Data breaches have been top of mind for a while now, and their risk to the health care sector has never been higher. On September 21, 2020, the Office of Civil Rights (OCR) settled with Athens Orthopedic Clinic PA (Athens) for $1.5 million for a cyber breach it self-reported back in 2016...
Posted In:
Health Care
Industries:
Technology and Health Care
Corporate TIPS and Compliance Checkup: CCPA v. HIPAA - CCPA Gets Tested in the Health Care Space
By Craig S. Horbus & Nicole M. Thorn on April 16, 2020
The California Consumer Privacy Act (CCPA) has been in effect since January 2020, and is still the most stringent of all state laws regarding personally identifiable information (PII). The CCPA exempts some protected health information (PHI) from its requirements. Although there is no blanket exemption for health care providers, most of these providers are familiar with similar data privacy requirements under the Health Insurance Portability and Accountability Act (HIPAA). There is no private right of action for an individual under HIPAA for data breaches. The CCPA on the other hand, does provide such an action, which is why the state law is one of the more powerful privacy laws....
