Significant HIPAA Fine Follows Business Associate’s Stolen iPhone

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently announced a significant settlement with Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS), a business associate under HIPAA, arising from a breach of protected health information (PHI) after the theft of an employee’s iPhone. The iPhone … Continue Reading

Senators Request Information from HHS About Medical Identity Theft Efforts

By Krysten Rosen Moller on November 18, 2015 Posted in Cybersecurity, Data Security

Last week, the chairmen and ranking members of the Senate Committee on Health, Education, Labor, and Pensions and the Senate Committee on Finance sent a letter to Andy Slavitt, Acting Administrator for the Centers for Medicare & Medicaid Services (“CMS”), and Jocelyn Samuels, Director of the Health and Human Services (“HHS”) Office for Civil Rights … Continue Reading

HIPAA 2015 Enforcement Priorities Highlight Cyber Threats, But Timing of HIPAA Compliance Audits Still Uncertain

By Liza Khan on January 26, 2015 Posted in Cybersecurity, Data Security, Health Data, HIPAA and Data Privacy

On January 13, 2015, Jocelyn Samuels, director of the Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services, briefed reporters on the agency’s HIPAA enforcement priorities, noting a focus on threats to electronic health information, or ePHI. Samuels highlighted an increase in infiltration of computer networks reported under the breach … Continue Reading