OCR Explains How Information Blocking Violates HIPAA

The US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently posted guidance (OCR guidance) clarifying that a business associate such as an information technology vendor generally may not block or terminate access by a covered entity customer to protected health information (PHI) maintained by the vendor on behalf of the customer. Such “information blocking” could occur, for example, during a contract dispute in which a vendor terminates customer access or activates a “kill switch” that renders an information system containing PHI inaccessible to the customer. Many information vendors have historically taken such an approach to commercial disputes.

Read full article here.

Daniel F. GottliebDaniel F. Gottlieb
Daniel F. Gottlieb counsels a wide range of health care industry clients, including health care providers, health plans, health information technology (IT) vendors and life sciences companies. He represents these entities on health IT acquisitions, privacy and data protection, reimbursement, fraud and abuse, and other health care regulatory and transactional matters. Daniel is a co-leader of the Firm’s Global Privacy and Cybersecurity Practice. Read Daniel Gottlieb's full bio.


Edward G. ZachariasEdward G. Zacharias
  Edward (Ed) G. Zacharias focuses his practice on complex transactions and regulatory compliance matters. He represents hospitals and health systems, academic medical centers, physician group practices, post-acute care providers, health information technology vendors, biotech companies, insurers, pharmaceutical companies and a variety of other health care entities. Read Edward Zacharias' full bio.


Amanda EnyeartAmanda Enyeart
  Amanda Enyeart maintains a general health industry and regulatory practice, focusing on fraud and abuse, information technology and digital health matters. Amanda advises health care industry clients in all aspects of software licenses and other agreements for the acquisition electronic health record (EHR) systems and other mission critical health IT.  Amanda’s health care IT transactional experience also includes advising clients with respect to software development, maintenance, service and outsourced hosting arrangements, including cloud-computing transactions. Read Amanda Enyeart's full bio.


Ryan S. HigginsRyan S. Higgins
Ryan S. Higgins focuses his practice on representing hospitals, health systems, private equity firms and platform companies, and other health care organizations in corporate and transactional matters, including mergers, acquisitions, joint ventures and management arrangements. He also devotes a significant portion of his practice to representing health care organizations in matters involving health information privacy and security and Health Insurance Portability and Accountability Act (HIPAA) compliance. Ryan serves on the Chicago's office Pro Bono Committee and is heavily involved in pro bono matters. Read Ryan Higgins' full bio.

STAY CONNECTED

TOPICS

ARCHIVES