Header graphic for print
Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Tag Archives: PHI

Latest OCR Enforcement Action: Underbed Storage is Not Appropriate for PHI

Posted in HIPAA/HITECH

Written by Kate Stewart Recent enforcement actions by the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) have highlighted that, not surprisingly, Covered Entities should not leave medical records in a physician’s driveway and should not dispose of protected health information (“PHI”) in a dumpster. From an action against a home… Continue Reading

Changes in Breach Notification Risk Assessments Under HIPAA

Posted in Data Breach Notification, Data Compliance & Security, HIPAA/HITECH, Privacy Regulation

Reposted from Mintz Levin’s Health Law & Policy Matters blog The American Bar Association Health Law Section’s July 2014 eSource publication includes an article by Dianne Bourque, Kimberly Gold, and Stephanie Willis that provides examples of how risk assessments under the Breach Notification Rule have changed since the HIPAA Omnibus Rule went into effect in September 2013.   The examples analyzed… Continue Reading

How Accountable Care Organizations (ACOs) Will Use and Disclose Protected Health Information While Complying with HIPAA

Posted in Uncategorized

Written by Dianne Bourque The Centers for Medicare & Medicaid Services (CMS) has released proposed regulations establishing Accountable Care Organizations (ACOs) and creating the Medicare Shared Savings Program (the Program). The Program will permit health care providers and suppliers to form ACOs and to reward those that lower health care costs for Medicare fee-for-service beneficiaries,… Continue Reading

Improper Disposal Costs Rite Aid $1 Million

Posted in Data Breach

Written by Dianne Bourque Rite Aid has agreed to pay $1 million to settle allegations that it violated HIPAA by disposing of labeled pill bottles in unsecured dumpsters accessible to the public. The $1 million fine settles a joint Office of Civil Rights (OCR)/Federal Trade Commission (FTC) investigation prompted by televised media reports of pharmacies… Continue Reading

Privacy and Security Bits and Bytes

Posted in Data Breach

On this last day of April, there are a couple of breaches and another clarion warning about copy machines — We have blogged on this issue here and here — and again, there is another warning about the treasure trove of information residing on the hard drive of your copy machine. A CBS Evening News… Continue Reading

Security Bits and Bytes

Posted in Data Breach

A few items to wrap up/review privacy and security issues in 2009 and open up 2010: Gonzalez Pleads Guilty in December 2009 – but this piece from Retail Research Systems explains why retailers should not be sanguine about data security: Privacy Risks for 2010 RFID in 2010: The New Hampshire House of Representatives voted this… Continue Reading

Privacy and Security Bits and Bytes

Posted in Data Breach

After a bit of a hiatus, our Friday afternoon feature is back: Do you know what your information is worth on the black market? It may just surprise you. Good piece on a new Symantec tool to let you do the calculations. See Information Security Resources – What Are You Worth On The Black Market?… Continue Reading