HIPAA

I don’t know how to say it any more clearly.  Somehow, medical and dental practices continue to get roped into responding to negative patient reviews on Yelp, Google, or elsewhere online, and posting any identifying information about a patient is a HIPAA violation. It’s protected health information (PHI), even if the patient posted something first.

On December 1, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) issued a Bulletin entitled ”Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates“ that addresses the responsibilities of HIPAA covered entities and business associates (“regulated entities”) when using online tracking technologies. Regulated entities need

On October 7, the U.S. Attorney’s Office for the District of New Jersey announced that a former physician pleaded guilty to conspiring to wrongfully disclose patients’ protected health information to a pharmaceutical sales representative. Frank Alario, who had had numerous offices in New Jersey, Manhattan and Florida, admitted to criminal HIPAA violations in connection with

On August 23, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced that Massachusetts-based New England Dermatology, P.C., d/b/a New England Dermatology and Laser Center (NEDLC), agreed to resolve alleged HIPAA violations for a fine of $300,640.

OCR commenced an investigation of NEDLC after the provider filed a breach report

In the next installment of Rivkin Radler’s Healthcare Compliance Lunch & Learn series, Ashley Algazi will discuss requirements and tips for success in conducting HIPAA breach assessments and making required disclosures. The program will:

• Review HIPAA breach definition
• Discuss the analysis and investigation process to determine whether a breach has occurred
• Review

Oklahoma State University’s Center for Health Services recently paid $875,000 to settle potential HIPAA violations after a cyberattack resulted in the unauthorized access of its patients’ protected health information. A hacker installed malware on the Center’s web server which contained electronic protected health information. More than 275,000 individuals were affected by the breach, which resulted

On June 13, the U.S. Department of Health and Human Services (HHS) issued guidance to explain how audio-only telehealth can comply with HIPAA, while also emphasizing that this mode of telehealth services can expand healthcare access to individuals who may have limited internet and broadband capabilities.

In response to the COVID-19 pandemic in March 2020,