Posted In:
Health Care
Industries:
Technology and Health Care
Compliance Checkup & Corporate TIPS: OCR Agrees to $1.5 Million Settlement with Orthopedic Clinic for HIPAA Breach
By Nicole M. Thorn on September 30, 2020
Data breaches have been top of mind for a while now, and their risk to the health care sector has never been higher. On September 21, 2020, the Office of Civil Rights (OCR) settled with Athens Orthopedic Clinic PA (Athens) for $1.5 million for a cyber breach it self-reported back in 2016...
Posted In:
Health Care
Industries:
Technology and Health Care
Corporate TIPS and Compliance Checkup: CCPA v. HIPAA - CCPA Gets Tested in the Health Care Space
By Craig S. Horbus & Nicole M. Thorn on April 16, 2020
The California Consumer Privacy Act (CCPA) has been in effect since January 2020, and is still the most stringent of all state laws regarding personally identifiable information (PII). The CCPA exempts some protected health information (PHI) from its requirements. Although there is no blanket exemption for health care providers, most of these providers are familiar with similar data privacy requirements under the Health Insurance Portability and Accountability Act (HIPAA). There is no private right of action for an individual under HIPAA for data breaches. The CCPA on the other hand, does provide such an action, which is why the state law is one of the more powerful privacy laws....