The Notifications of Enforcement Discretion issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act during the COVID-19 public health emergency expired at 11:59 pm on May 11, 2023, due to the expiration of the COVID-19 public health emergency.
Visit the article webpage to learn more
The U.S. Department of Health & Human Services (HHS), through its Office for Civil Rights, issued a Notice of Proposed Rulemaking (NPRM) to strengthen Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule protections by prohibiting the use or disclosure of protected health information (PHI) to investigate or prosecute patients, providers, and others involved in the provision of legal reproductive health care, including abortion care. HHS has heard from patients, providers, and organizations representing thousands of individuals that this change is needed to protect patient-provider confidentiality and prevent private medical records from being used against people for merely seeking, obtaining, providing, or facilitating lawful reproductive health care.
Visit the article webpage to learn more
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR), in partnership with the U.S. Attorney’s Office for the Eastern District of Michigan (DOJ), entered into an agreement with Dearborn Obstetrics and Gynecology, P.C. (Dearborn OBGYN), to resolve an alleged federal civil rights violation. OCR received a complaint alleging that Dearborn OBGYN refused repeated requests to provide the complainant with a sign language interpreter for a preoperative appointment. The complainant further alleged that Dearborn OBGYN retaliated against her for requesting an interpreter by cancelling her preoperative appointment and surgery and by terminating her as a patient. Failure to provide effective communication for individuals who are deaf or hard of hearing violates Section 504 of the Rehabilitation Act of 1973 (Section 504) and Section 1557 of the Affordable Care Act of 2010 (Section 1557).
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), is pleased to announce it has reached an agreement with Hillsborough County Fire and Rescue, in Hillsborough County, Florida, on corrective steps the County will implement to ensure that individuals needing emergency medical services are not discriminated against on the basis of race, color, or national origin, as required by Title VI of the Civil Rights Act of 1964. Hillsborough County Fire and Rescue agreed to implement a revised nondiscrimination policy to better protect individuals receiving its services from discrimination. OCR initiated a compliance review of Hillsborough County Fire and Rescue in response to public press reports indicating that its paramedics refused to transport an African American woman to the hospital because they assumed she could not afford the ambulance cost due to her race. Today’s announcement furthers HHS’s work to reduce health care disparities and improve access to health care services for communities of color.
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with Banner Health Affiliated Covered Entities (“Banner Health”), a nonprofit health system headquartered in Phoenix, Arizona, to resolve a data breach resulting from a hacking incident by a threat actor in 2016 which disclosed the protected health information of 2.81 million consumers. The settlement is regarding the Health Insurance Portability and Accountability Act (HIPAA) Security Rule which works to help protect health information and data from cybersecurity attacks.
The Federal Trade Commission has finalized its order with education technology provider Chegg Inc. for its careless data security practices that exposed sensitive information about millions of Chegg’s customers and employees, including Social Security numbers, email addresses, and passwords.
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services announced a settlement with Life Hope Labs, LLC (“Life Hope Labs”), a full-service diagnostic laboratory in Sandy Springs, Georgia, concerning a potential violation of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule’s right of access provision. The rule requires that patients be able to access their health information in a timely manner. This investigation marks the 43rd case to be resolved under OCR’s HIPAA Right of Access Initiative, designed to improve compliance by regulated entities with the law. Life Hope Labs agreed to implement a corrective action plan and pay $16,500 to resolve this investigation.
The Federal Trade Commission today issued a policy statement affirming that health apps and connected devices that collect or use consumers’ health information must comply with the Health Breach Notification Rule, which requires that they notify consumers and others when their health data is breached.
Visit the article webpage to learn more.
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) announced the resolution of eleven investigations in its Health Insurance Portability and Accountability Act (HIPAA) Right of Access Initiative, bringing the total number of these enforcement actions to thirty-eight since the initiative began. OCR created this initiative to support individuals’ right to timely access their health records at a reasonable cost under the HIPAA Privacy Rule.
Visit the article webpage to learn more.
Oklahoma State University – Center for Health Sciences (OSU-CHS) has paid $875,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and agreed to implement a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules. OSU-CHS is a public land-grant research university which provides preventive, rehabilitative, and diagnostic care in Oklahoma.
Visit the article webpage to learn more.