HIPAA

Subscribe to HIPAA

Healthcare providers and insurers are still making tons of rookie mistakes on patient privacy, turning themselves into easy enforcement targets, according to Roger Severino, director of the US Department of Health and Human Services.

Severino made headlines in 2017 for expressing interest in punishing a “big, juicy, egregious” privacy breach, and seemingly followed through with

The demand for healthcare innovation is driving collaboration between formerly disparate healthcare companies and bringing in new players, such as technology companies and start-ups, into an already complex space. As companies build partnerships and pool resources—particularly healthcare data—data ownership presents numerous challenges that need to be addressed throughout the lifecycle of the collaboration. In this

As the telemedicine regulatory and reimbursement environment becomes more cohesive and providers and patients alike embrace technology, opportunities for telemedicine collaborations are likely to grow. Like any collaboration, finding the right partner is crucial for success, particularly at the highly scrutinized intersection of healthcare and technology. This post explores the factors to address

Data privacy and security legislation and enforcement saw significant activity in 2018 and early 2019. McDermott’s 2018 Digital Health Year in Review: Focus on Data report – the first in a four-part series – highlights notable developments and guidance that health care providers, digital health companies and other health care industry stakeholders should navigate in

Throughout 2017, the health care and life sciences industries experienced a widespread proliferation of digital health innovation that presents challenges to traditional notions of health care delivery and payment as well as product research, development and commercialization for both long-standing and new stakeholders. At the same time, lawmakers and regulators made meaningful progress toward modernizing

In October 2016, the American Association of Retired Persons (AARP) sued the US Equal Employment Opportunity Commission (EEOC) in the US District Court for the District of Columbia seeking an injunction against the latest iteration of wellness program regulations. The final EEOC regulations issued last year offer employers a roadmap for offering employee wellness programs

Jennifer Geetter and Dale Van Demark wrote this bylined article on how companies must manage and govern their use of digital healthcare information assets. “Organizations will need to design and implement digital governance structures that … include additional components and organizational stakeholders, in order to meet the business and strategic demands of the digital health

In the presentation “Highlights of Record Retention Requirements Applicable to Employee Benefit Plans,” Todd A. Solomon detailed the general rules of The Employee Retirement Income Security Act of 1974 (ERISA). He discussed several specific record-keeping requirements for employee benefit plans and a number of general requirements that imply a duty to retain records, for example

The US Department of Health and Human Services has recently issued guidance under the Health Insurance Portability and Accountability Act on what covered entities and business associates can do to prevent and recover from ransomware attacks; however, other state data breach notification laws can also be triggered by a ransomware attack. The authors of this