Amanda Enyeart
Subscribe to Amanda Enyeart's Posts
Amanda Enyeart maintains a general health industry and regulatory practice, focusing on fraud and abuse, information technology and digital health matters. Amanda advises health care industry clients in all aspects of software licenses and other agreements for the acquisition electronic health record (EHR) systems and other mission critical health IT. Amanda’s health care IT transactional experience also includes advising clients with respect to software development, maintenance, service and outsourced hosting arrangements, including cloud-computing transactions. Read Amanda Enyeart's full bio.
Recent $2.5 Million OCR Settlement Is a Warning to Wireless Health Service Providers
By Amanda Enyeart, Drew Elizabeth McCormick and Lisa Mazur on May 3, 2017
Posted In Consumer Protection, Cybersecurity, Data breach, Data Privacy, Telehealth
On April 24, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement in the amount of $2.5 million based on the impermissible disclosure of unsecured electronic protected health information (ePHI) by a provider of remote mobile monitoring, with...
Continue Reading
OCR Guidance Underscores Importance of Authentication under HIPAA
By Amanda Enyeart and Ryan S. Higgins on Nov 17, 2016
Posted In Cybersecurity, Data breach, Mobile Apps
In its tenth OCR Cyber Awareness Newsletter of the year (Newsletter), the Office for Civil Rights (OCR) reminded HIPAA-covered entities and business associates of the importance of selecting an appropriate authentication method to protect electronic protected health information (ePHI). Authentication is the process used to “verify whether someone or something is who or what it...
Continue Reading
OCR Explains How Information Blocking Violates HIPAA
By Amanda Enyeart, Edward G. Zacharias, Daniel F. Gottlieb and Ryan S. Higgins on Oct 27, 2016
Posted In Cloud, Consumer Protection, Cybersecurity, Data Privacy, General Interest
The US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently posted guidance (OCR guidance) clarifying that a business associate such as an information technology vendor generally may not block or terminate access by a covered entity customer to protected health information (PHI) maintained by the vendor on behalf of the...
Continue Reading
Pressure Points: OCR Enforcement Activity in 2014
By Amanda Enyeart on Feb 9, 2015
Posted In Big Data, Consumer Protection, Cybersecurity, Data Privacy, General Interest
During 2014, the Office for Civil Rights (OCR) of the U.S. Department of Health & Human Services initiated six enforcement actions in response to security breaches reported by entities covered by the Health Insurance Portability and Accountability Act (HIPAA) (covered entities), five of which involved electronic protected health information (EPHI). The resolution agreements and corrective...
Continue Reading
