Practical HR Tips, News & Advice. Updated Daily.
A federal district court vacated the U.S. Equal Employment Opportunity Commission’s (EEOC) rules on how employers’ wellness programs must comply with the Americans with Disabilities Act (ADA) and Genetic Nondiscrimination Act (GINA).
The Kentucky Court of Appeals recently upheld the termination of a nurse who unintentionally disclosed a patient’s confidential health information while she was conducting a procedure.
HIPAA has become synonymous with medical records privacy, for good reason. Enacted more than 20 years ago, it gives individuals the power to decide who has access to their health records and has forced major changes in the way health care providers, health plans and businesses handle records.
A federal district court remanded the U.S. Equal Employment Opportunity Commission’s (EEOC) wellness program rules, finding it unclear how the rules’ 30% threshold met the Americans with Disabilities Act’s (ADA) requirement that wellness programs be “voluntary.”
A nonprofit health center in Colorado agreed to pay $400,000 to settle Health Insurance Portability and Accountability Act (HIPAA) security allegations after a hacker accessed employees’ e-mail accounts and obtained 3,200 individuals’ protected health information (PHI) in a phishing incident, the U.S. Department of Health and Human Services (HHS) announced April 12.
By David Slaughter, JD Legislation introduced by a key House Republican would largely negate the U.S. Equal Employment Opportunity Commission’s (EEOC) wellness program rules, which plan sponsors have criticized for adding a duplicative layer of regulation to earlier standards set by other agencies. BLR® Senior Legal Editor David Slaughter, JD, has the facts in today’s […]
A recent surge in monetary Health Insurance Portability and Accountability Act (HIPAA) settlements is altering the compliance landscape at a time when new technical and legal challenges also are coming into play, practitioners and regulators told a recent conference.
The Health Insurance Portability and Accountability Act’s (HIPAA’s) privacy rule does not exempt the sharing of information on cyber threat indicators, so HIPAA-covered entities and their business associates may not share protected health information (PHI) for this purpose unless HIPAA otherwise allows it, the U.S. Department of Health and Human Services (HHS) warned recently.
Most Health Insurance Portability and Accountability Act (HIPAA) enforcement has focused on the larger breaches of protected health information (PHI). But the U.S. Department of Health and Human Services (HHS) has not forgotten those incidents that fall below the “major” threshold of 500 individuals.
Advocate Health Care Network (Advocate) has agreed to pay $5.55 million to settle with the U.S. Department of Health and Human Services, Office for Civil Rights (OCR), multiple potential Health Insurance Portability and Accountability Act (HIPAA) violations involving electronic protected health information (ePHI). This is the largest HIPAA settlement to date against a single entity.