Tag Archives: HIPAA

HHS OCR Issues Guidance on HIPAA, COVID-19 Vaccinations, and the Workplace

On September 30, 2021, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) issued guidance to help the public understand when the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule applies to disclosures and requests for information about whether a person has received a COVID-19 vaccine.

The guidance reminds the public that the HIPAA Privacy Rule does not apply to employers or employment records.… More

Proposed Amendments to HIPAA Regulations to “Empower Patients, Improve Coordinated Care, and Reduce Regulatory Burdens”

Nearly 20 years to the day after the first HIPAA privacy regulations were announced, HHS has posted proposed revisions to HIPAA, evidence that even after twenty years, HIPAA privacy remains a work in progress. These proposed revisions are styled by HHS OCR as an attempt “to support individuals’ engagement in their care, remove barriers to coordinated care, and reduce regulatory burdens on the health care industry.”… More

Jeremy Meisinger discusses why strong, transparent privacy protections are both possible and necessary to secure the public buy-in needed to make public health surveillance work

Both legally and practically, there need not be an exclusive choice between health information privacy and using GPS and other technology to gather and provide information about COVID-19. Foley Hoag’s Jeremy Meisinger shares more in this GPS World article.

COVID-19 and HIPAA: OCR Guidance on Disclosures to Law Enforcement, First Responders, and Public Health Authorities

On March 24, 2020, the Office for Civil Rights (OCR) at the Department of Health and Human Services issued guidance on how HIPAA covered entities may disclose protected health information (PHI) about an individual who has been infected with or exposed to COVID-19 to law enforcement, paramedics, other first responders, and public health authorities in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule.… More

Enforcement of HIPAA Rules for Telehealth Relaxed Due to COVID-19 Public Health Emergency

On Friday, March 20, 2020, the Department of Health and Human Services Office for Civil Rights (“OCR”) announced it will “exercise its enforcement discretion and will not impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered health care providers in connection with the good faith provision of telehealth during the COVID-19 nationwide public health emergency. This notification is effective immediately.”… More

U.S. Department of Health and Human Services Office for Civil Rights BULLETIN: HIPAA Privacy and Novel Coronavirus

The coronavirus and Covid-19 are impacting everything and everyone, and certainly health information privacy. Here is a useful summary of health information issues to be mindful of from HHS OCR on HIPAA privacy and the coronavirus/Covid-19. Topics covered in the bulletin include:

Sharing Patient Information
Disclosures to Family, Friends, and Others Involved in an Individual’s Care and for Notification
Disclosures to Prevent a Serious and Imminent Threat
Disclosures to the Media or Others Not Involved in the Care of the Patient/Notification

For more information on HIPAA and Public Health,… More

Presentation: MaHIMA Dot Wagg Memorial Legislative Seminar

Partner Colin Zick recently spoke at the MaHIMA Dot Wagg Memorial Legislative Seminar on HIPAA updates. Click here to download the slides. Topics included: HIPAA FAQs on right of access, CMS interoperability and the patient access proposed rule, HIPAA enforcement trends, the proposed AKS safe harbors, and more. More

Hospital Fined $85,000 by OCR for Failure to Provide Timely Access to Patient Records

Today, in the first settlement of its kind, the Office for Civil Rights at the U.S. Department of Health and Human Services (“OCR”) announced that Bayfront Health St. Petersburg (“Bayfront”) has paid $85,000 to OCR and has adopted a corrective action plan to settle a potential violation of the right of access provision of the Health Insurance Portability and Accountability Act (HIPAA). This is also the first enforcement action under OCR’s Right of Access Initiative,… More

Partner Colin Zick Discusses Sports Betting and Biometric Data with the Boston Globe

As Massachusetts lawmakers consider whether to legalize sports betting, professional athletes fear that their biometric data – which can be collected and analyzed as part of their training – could become a commodity in this form of gambling. Professional sports leagues say that they have no plans to make this data available for gamblers, but the use of biometric data from wearable health devices is not covered by health privacy laws.… More

HHS to Reduce Top HIPAA Fines Based on “Level of Culpability”

In a Notification of Enforcement Discretion Regarding HIPAA Civil Money Penalties issued on April 23, 2019, the Department of Health and Human Services (HHS) exercised “its discretion in how it applies HHS regulations concerning the assessment of Civil Money Penalties (CMPs) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as such provision was amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act” to reduce the maximum annual fines it will impose for HIPAA violations.… More