Call for Comments on Implementing the HIPAA Security Rule

The National Institute for Standards and Technology (NIST) is planning to update the NIST Special Publication (SP) 800—66, Revision 1, An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule (“Resource Guide”). NIST is seeking stakeholder input on the purpose of the Resource Guide to educate readers about information security terms…

HHS Proposes Changes To The HIPAA Regulations

On January 21, 2021 the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS) issued proposed changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule to support individuals’ engagement in their care, remove barriers to coordinated care, and reduce regulatory burdens on the health care industry. Several of…

OCR Issues Audit Report on Health Care Industry Compliance with the HIPAA Rules

Late last month, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, Security, and Breach Notification Rules. The Health Information Technology for Economic…

OCR Issues Guidance on HIPAA, Health Information Exchanges, and Disclosures of Protected Health Information for Public Health Purposes

On Friday, December 18, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued guidance on how the Health Insurance Portability and Accountability Act of 1996 (HIPAA) permits covered entities and their business associates to use health information exchanges (HIEs) to disclose protected health information (PHI) for the…

Office for Civil Rights Issues Resource Document on HIPAA and IT Asset Inventories

The Department of Health & Human Services (HHS) Office for Civil Rights (OCR) has published, as  part of its Summer 2020 Cybersecurity Newsletter, a resource document to assist covered entities in conduction of an effective risk analysis to ensure compliance with the Security Rule.  The OCR is tasked with enforcing the Health Insurance Portability and…

Movement to HETS as Sole Source for Eligibility Queries on Horizon

CWF: 3rd and later hospice benefit periods not calculating correctly In recent years, the Centers for Medicare & Medicaid Services (CMS) has taken steps to transition providers away from direct queries to the Common Working File (CWF) and toward the HIPAA Eligibility Transaction System (HETS) as the single source for beneficiary eligibility transactions.  Earlier this…

Critical Webinar on Legal Risks for Private Duty Home Care

The National Association for Home Care and Hospice (NAHC) and Littler Mendelson are collaborating to offer a truly unique quarterly series of webinars focused on the challenges, opportunities, and risks for private duty home care operators. We hope you will join us for an informative session and complimentary focused on two separate issues creating headaches…

New HHS Fact Sheet on Direct Liability of Business Associates under HIPAA

The Health and Human Services (HHS) Office for Civil Rights (OCR) has issued a new fact sheet that provides a clear compilation of all provisions through which a business associate can be held directly liable for compliance with certain requirements of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (“HIPAA Rules”), in accordance with…

HHS Secretary Declares Public Health Emergency

Health and Human Services Secretary Alex M. Azar today declared public health emergencies in North Carolina and South Carolina, as Hurricane Florence continues its track toward the southeastern seaboard of the United States. The declarations give HHS’ Centers for Medicare & Medicaid Services’ (CMS) beneficiaries and their healthcare providers and suppliers greater flexibility in meeting…