Amanda Enyeart
Subscribe to Amanda Enyeart's Posts
Amanda Enyeart maintains a general health industry and regulatory practice, focusing on fraud and abuse, information technology and digital health matters. Amanda advises health care industry clients in all aspects of software licenses and other agreements for the acquisition electronic health record (EHR) systems and other mission critical health IT. Amanda’s health care IT transactional experience also includes advising clients with respect to software development, maintenance, service and outsourced hosting arrangements, including cloud-computing transactions. Read Amanda Enyeart's full bio.
OCR Guidance Underscores Importance of Authentication under HIPAA
By Amanda Enyeart and Ryan S. Higgins on Nov 17, 2016
Posted In Cybersecurity, Data breach, Mobile Apps
In its tenth OCR Cyber Awareness Newsletter of the year (Newsletter), the Office for Civil Rights (OCR) reminded HIPAA-covered entities and business associates of the importance of selecting an appropriate authentication method to protect electronic protected health information (ePHI). Authentication is the process used to “verify whether someone or something is who or what it...
Continue Reading
OCR Explains How Information Blocking Violates HIPAA
By Amanda Enyeart, Edward G. Zacharias, Daniel F. Gottlieb and Ryan S. Higgins on Oct 27, 2016
Posted In Cloud, Consumer Protection, Cybersecurity, Data Privacy, General Interest
The US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently posted guidance (OCR guidance) clarifying that a business associate such as an information technology vendor generally may not block or terminate access by a covered entity customer to protected health information (PHI) maintained by the vendor on behalf of the...
Continue Reading
Pressure Points: OCR Enforcement Activity in 2014
By Amanda Enyeart on Feb 9, 2015
Posted In Big Data, Consumer Protection, Cybersecurity, Data Privacy, General Interest
During 2014, the Office for Civil Rights (OCR) of the U.S. Department of Health & Human Services initiated six enforcement actions in response to security breaches reported by entities covered by the Health Insurance Portability and Accountability Act (HIPAA) (covered entities), five of which involved electronic protected health information (EPHI). The resolution agreements and corrective...
Continue Reading
