HIPAA Boss Sees ‘Low-Hanging Fruit’ Ripe For Enforcement

By Edward G. Zacharias on February 18, 2020

Posted In Health and Welfare Plans, Privacy and Data Security

Healthcare providers and insurers are still making tons of rookie mistakes on patient privacy, turning themselves into easy enforcement targets, according to Roger Severino, director of the US Department of Health and Human Services.

Severino made headlines in 2017 for expressing interest in punishing a “big, juicy, egregious” privacy breach, and seemingly followed through with a $16 million settlement stemming from Anthem Inc.’s megabreach involving 79 million patients. But, an emphasis on smaller violations makes sense in light of the OCR’s recent acknowledgement of limits on its penalty powers, said Edward G. Zacharias, a McDermott partner.

Access the full article.

Originally posted on Law360, February 2020

Tags: Cybersecurity, healthcare, HHS, HIPAA, HIPAA resolution, OCR, OCR breach

Edward G. Zacharias
Edward G. Zacharias is the managing partner of McDermott’s Boston office. Clients across the healthcare industry and beyond turn to him for practical, business-oriented counsel on their most significant privacy and cybersecurity compliance, healthcare regulatory and transactional matters. Ed’s clients include “Big Tech” companies, health information technology and digital health companies, healthcare providers, insurers, electronic health record platforms, pharmacies, drug and device manufacturers, life sciences companies and health services vendors. Read Edward Zacharias' full bio.

HIPAA Boss Sees ‘Low-Hanging Fruit’ Ripe For Enforcement

Related Posts

BLOG EDITORS

STAY CONNECTED

TOPICS

ARCHIVES

RECENT POSTS