FTC Grants “Three-Month Delay of Enforcement of ‘Red Flags Rule’ Requiring Creditors and Financial Institutions to Adopt Identity Theft Prevention Programs”

The FTC announced today that the enforcement date for the Red Flag Rules is being extended until August 1, 2009 (instead of May 1, 2009). The press release is at  

HHS Releases Guidance on How to Render PHI “Unusable, Unreadable, or Indecipherable” That Relies on NIST to Define Acceptable Methods for Destruction and Encryption

On April 17th the Department of Health and Human Services (“HHS”) released guidance (hitechrfi1) “specifying the technologies and methodologies that render protected health information unusable, unreadable, or indecipherable... 

Proposed Health Breach Notification Rule Promulgated by the FTC Expands Potential Scenarios Where an Entity May Be Required to Report a Security Breach

The Federal Trade Commission (FTC) released proposed regulations entitled the “Health Breach Notification Rule” (the Rule) on April 16. At this time we are concerned with the FTC’s broad interpretation of PHR-related entities and... 

Enforcement of Standards for the Protection of Personal Information of Residents of the Commonwealth Delayed Until January 1, 2010

The Commonwealth of Massachusetts recently extended the date for compliance with the newly issued regulations, entitled Standards for the Protection of Personal Information of Residents of the Commonwealth, 201 CMR 17:00, to January 1,... 

The Nuts and Bolts of EHRs and Interoperability

There is a surreal level of excitement this year at HIMSS’s annual conference.  The recent passage of the HITECH Act promises billions of dollars to providers for the implementation of an EHR system.  A record number of EHR vendors... 

American Recovery and Reinvestment Act: Overview of Modifications to the HIPAA Privacy and Security Regulations

This alert provides a brief overview of privacy and security provisions included within “The American Recovery and Reinvestment Act of 2009” (H.R.1, S.1) (the “Stimulus”).... 

Connecticut and Michigan Require Employer-Employee Privacy Policy

Over the last year, Employer-Employee “Global” Privacy Policies have become more commonplace, in part due to recent legislation in Connecticut and Michigan. Until this recent legislation,... 

Compliance with the Red Flag Rules Not a Problem for Covered Entities with an Existing HIPAA Privacy and Security Compliance Program

Recently there has been significant concern in the health care industry around providers’ compliance with the Red Flag Regulations (see, e.g., www.ama-assn.org/ama/pub/category/20168.html). However, compliance with these regulations... 