Data Privacy & Cybersecurity PracticeThe Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS), which is the body responsible for enforcing certain regulations pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), is exercising its enforcement discretion to meet the needs of health care providers and patients during the COVID-19 (Coronavirus) public health emergency.
Read more »Tag: hhsocr
-
OCR Announces HIPAA Telehealth Security Waiver in Response to COVID-19 Pandemic Posted on: March 20, 2020 In: Data Privacy & Cybersecurity
-
Ransomware and the Paramount Importance of Evidence Preservation for Healthcare Entities Posted on: March 10, 2020 In: Data Privacy & CybersecurityOrganizations regulated by the Healthcare Information Privacy and Accountability Act (HIPAA) must take special care to preserve valuable forensic artifacts at the outset of a ransomware or other cybersecurity event. The HIPAA Breach Notification Rule presumes a cybersecurity incident has resulted in unauthorized access to unsecured protected health information and the burden shifts to the organization to show a low probability of the compromise of the health information it maintains.
Read more »
-
HIPAA Small Breach Notification Deadline is March 1, 2020 – The Clock’s Ticking to Submit to HHS/OCR! Posted on: February 27, 2020 In: Data Privacy & CybersecurityOrganizations that experienced a data incident in 2019 affecting the protected health information (PHI) of less than 500 individuals have just a few more days to submit their notification to the U.S. Department of Health & Human Services’ Office for Civil Rights (HHS/OCR).
Read more »
-
HIPAA Breach Reporting: Focus on Remediation in Responding to an HHS/OCR Investigation Posted on: February 25, 2019 In: Data Privacy & CybersecurityLast year was another banner year for HIPAA data breaches reported to the Department of Human Services Office of Civil Rights (HHS/OCR), and the reporting period hasn’t yet closed, as organizations experiencing breaches affecting fewer than 500 individuals have until 60 days after the end of the calendar year in which the breach occurred to make the report.
Read more »
Blog Search
Featured Posts
- October 12, 2020 Voting-Leave Laws: What Employers in New York Should Know Before Election Day
- October 08, 2020 Inclusion Provides Opportunities to Build the Strongest, Most Resilient & Creative Workforce for Future Success
- September 24, 2020 Legislative Alert: California Passes Genetic Information Privacy Act
- July 15, 2020 A Time for Reflection: Advisen’s 2020 Cyber Law Firm of the Year Award
- July 14, 2020 Accounting Firms: Confirming Security of Client Information After Reports of Tax Fraud
- July 09, 2020 U.S. Supreme Court Gives Grace to Religious Employers
- June 18, 2020 Business Email Compromise Attacks on the Rise in 2020
- June 15, 2020 U.S. Supreme Court Outlaws Discrimination Against LGBTQ+ Employees
- June 03, 2020 California AG Submits CCPA Regulations for Final Approval, Paving the Way Toward Enforcement
- May 29, 2020 Seventh Circuit Court of Appeals Recent Decision in Molson-Coors v. Anheuser-Busch Affirms Lesson: Choose Words Wisely
Blog Tags
accounting firms
alabama
anti-money laundering
arkansas
audit
audit logging
bank secrecy act
biometric data
bitcoin
blockchain
breach notification
california
ccpa
client notification
colorado
commission
congress
consumer notification
coronavirus
covid-19
cryptocurrency
cybersecurity
cyber threat
data breach
data privacy
dataprivacy
data privacy officer
data security
department of health and human services
department of transportation
electronic benefit transfer
email
employment
equifax
eu
eu-u.s. privacy shield
european union
fbi
fcc
fcra
federal trade commission
financial services
forensic investigation
fraud
gdpr
genetic information privacy act
genetic testing
hacking
healthcare
hhsocr
hipaa
holiday season
homeland security
human resources
identity theft
illinois
information security
irs
legislative alert
malware
managed service providers
maritime cybersecurity
maryland
microsoft office 365
multi-factor identification
nevada
new jersey
new mexico
new york
ninth circuit
nist security controls
office for civil rights
personal data
personal information
phishing
pre-breach services
privacy
privacy notification
protected health information
ransomware
regulations
scareware
security vulnerabilities
social engineering
social media
ssn
statute
students
supreme court
tax returns
utah
vermont
video-teleconferencing
virginia
virus
w2
washington
websites
workplace policy
zoom