Change to 42 C.F.R. Part 2? HIPAA & HITECH Act Blog by Jonathan P. Tomes
As substance abuse treatment providers know, 42 C.F.R. Part 2 “trumps”―that is, preempts―the HIPAA Privacy Rule because it gives more protection for substance abuse treatment .. read more
Changed HIPAA and HITECH Penalties—a Boon or a Trap for the Unwary: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Department of Health and Human Services (“HHS”) has announced a new penalty structure for the civil money penalties (“CMPs”) for HIPAA violations that apparently .. read more
Business Associates Face the Same HIPAA Penalties as Covered Entities: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Attorney General of New Jersey recently announced a $200,000 settlement for a HIPAA violation with a business associate, one of the classic examples of .. read more
Security Breaches Aren’t the Only Compliance Risks! So Are Privacy Rights Violations: HIPAA & HITECH Act Blog by Jonathan P. Tomes
A recent announcement by the Dental Board of California has reinforced the notion that having a breach of security, such as a hacker’s gaining access .. read more
Lack of Business Associate Agreement Costs $500,000! HIPAA & HITECH Act Blog by Jonathan P. Tomes
Advanced Care Hospitalists PL (“ACH”) recently settled a Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) enforcement action for $500,000 for .. read more
EHR Vendor Settles False Claims Act Violation Case for $57.25 Million: HIPAA & HITECH Act Blog by Jonathan P. Tomes
So what does HIPAA have do to with the Federal False Claims Act? As simply stated as possible, the Meaningful Use criteria for getting government .. read more
DHHS Seeks Your Comments: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Office for Civil Rights (“OCR”) of the Department of Health and Human Services (“DHHS”) has issued a Request for Information (“RFI”), seeking public comments .. read more
DHHS OIG Finds Deficiencies in FDA Policies and Procedures to Address Cybersecurity Risk in Postmarket Medical Devices: HIPAA & HITECH Act Blog by Jonathan P. Tomes
As a follow-on to the previous three blog posts addressing the mIoT—that is, the medical Internet of Things―an Office of the Inspector General (“OIG”) audit .. read more
Reducing mIoT Risks: HIPAA & HITECH Act Blog by Jonathan P. Tomes
In two recent blogs, we have discussed how the Internet of Things (“IoT”) has become the mIoT—that is, the medical Internet of Things―and what this .. read more
Risk and the Internet of Things (“IoT”): HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Internet of Things (“IoT”) is a concept that is becoming more and more important in HIPAA compliance. The Internet of Things generally is the .. read more