Tag Archives: HHS

False Claims Act Settlement with eClinicalWorks Raises Questions for Electronic Health Record Software Vendors

On May 31, 2017, the US Department of Justice announced a Settlement Agreement under which eClinicalWorks, a vendor of electronic health record software, agreed to pay $155 million and enter into a five-year Corporate Integrity Agreement to resolve allegations that it caused its customers to submit false claims for Medicare and Medicaid meaningful use payments … Continue Reading

Recent $2.5 Million OCR Settlement Is a Warning to Wireless Health Service Providers

On April 24, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement in the amount of $2.5 million based on the impermissible disclosure of unsecured electronic protected health information (ePHI) by a provider of remote mobile monitoring, with … Continue Reading

What You Need to Know about Changes to the Common Rule

The Final Rule published by the US Department of Health and Human Services on January 18, 2017, largely avoids major modifications to the Common Rule. However, it specifically addresses creation of biospecimen and data repositories and use of those repositories for secondary research. All stakeholders involved in federally funded research should be aware of the … Continue Reading

HHS Finalizes Overhaul of Federal Human Subjects Research Protections

On January 18, 2017, the Department of Health and Human Services (HHS) and 15 other federal agencies issued a final rule overhauling the federal human subjects research regulations known as the “Common Rule.” These are the first revisions to the Common Rule since its original enactment in 1991, and have been in progress since HHS … Continue Reading

OMB Reviewing Common Rule Overhaul

On January 4, 2017, the Department of Health and Human Services (HHS) submitted a draft final rule to amend the federal human research regulations to the Office of Management and Budget (OMB). These regulations, often referred to as the Common Rule, were originally developed in 1991 and have been adopted by multiple federal departments and … Continue Reading

Guidance on Ransomware Attacks under HIPAA and State Data Breach Notification Laws

On July 28, 2016, US Department of Health and Human Services (HHS) issued guidance (guidance) under the Health Insurance Portability and Accountability Act (HIPAA) on what covered entities and business associates can do to prevent and recover from ransomware attacks. Ransomware attacks can also trigger concerns under state data breach notification laws. The HIPAA Security … Continue Reading

Pressure Points: OCR Enforcement Activity in 2014

During 2014, the Office for Civil Rights (OCR) of the U.S. Department of Health & Human Services initiated six enforcement actions in response to security breaches reported by entities covered by the Health Insurance Portability and Accountability Act (HIPAA) (covered entities), five of which involved electronic protected health information (EPHI).  The resolution agreements and corrective … Continue Reading
LexBlog