Posts tagged Office for Civil Rights.
Blogs
Clock 7 minute read

On March 18, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued updated guidance regarding the use of online tracking technologies by entities and business associates subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

Notably, the updated guidance replaces OCR’s original guidance issued in December 2022, both of which warn companies subject to HIPAA, Covered Entities and their Business Associates (collectively “Regulated Entities”), that use of online tracking technologies, such ...

Blogs
Clock 2 minute read

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently submitted two reports to Congress setting forth the HIPAA breaches and complaints reported to OCR during calendar year 2020 as well as the enforcement actions taken by OCR in response to those reports. HIPAA covered entities should be aware of the trends identified in these reports and should examine their own compliance in these areas.

Blogs
Clock 4 minute read

On March 17, 2020, the Office for Civil Rights’ (“OCR”) announced that—for the duration of the COVID-19 emergency—it would exercise enforcement discretion and waive any potential penalties for HIPAA violations relating to health care providers’ use of “everyday communications technologies” in the provision of services via telehealth (the “HIPAA Waiver”). This move has resulted in a drastic increase in the number of telehealth encounters. The HIPAA Waiver has enabled many providers to immediately leverage these technologies to render services via telehealth for the first time, without the need to expend significant resources to quickly ramp up a HIPAA-compliant telehealth platform. A summary of the HIPAA Waiver can be found in a recent blog post. While the HIPAA Waiver applies only temporarily, it is likely that the increased reliance on telehealth evidenced over the past three months is here to stay.

The COVID-19 pandemic’s impact on the regulatory landscape of telehealth was the topic of a June 17, 2020 hearing before the Senate Health, Education, Labor & Pensions Committee.  As Chairman Lamar Alexander acknowledged during his opening statement, the health care sector and government “have been forced to cram 10 years’ worth of telehealth experience into just the past three months.” Indeed, this “cramming” has resulted in thirty-one temporary changes to telehealth policy at the federal level. Of these temporary changes, Chairman Alexander included the OCR enforcement discretion / HIPAA waiver as one of the three changes he considers most important. However, of the three changes the Chairman views as most important, he declined to include the enforcement discretion in the temporary changes he believes should be made permanent, and instead called upon his colleagues to consider whether to extend the HIPAA waiver.[1]

Blogs
Clock less than a minute

On October 16, 2018 the Department of Health and Human Services Office for Civil Rights (“OCR”) and the Office of the National Coordinator for Health Information Technology (“ONC”) announced an update to their previously provided Security Risk Assessment Tool.  According to ONC and OCR, the “tool is designed to help healthcare providers conduct a security risk assessment” as required under the HIPAA Security Rule.  ONC states that the updated tool includes additional features such as:

  • Enhanced user interface
  • Modular workflow
  • Custom assessment logic
  • Progress ...

Search This Blog

Blog Editors

Recent Updates

Related Services

Topics

Archives

Jump to Page

Subscribe

Sign up to receive an email notification when new Health Law Advisor posts are published:

Privacy Preference Center

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.