In early January, 2017, the US Department of Health and Human Services, Office of Civil Rights (OCR), announced that Presence Health agreed to settle potential violations of the HIPAA Breach Notification Rule by paying $475,000 and implementing a corrective action plan. The key allegation was that Presence Health was approximately 40 days late in reporting Read More
Category: Breach Regulations
Flipping the Presumption: Any disclosure is a breach unless proven otherwise
The Department of Health and Human Service (HHS) and the Federal Trade Commission (FTC) Breach Regulations presume that all unauthorized disclosures are breaches. Anyone who discloses information much be able to demonstrate compliance with HHS Security Guidance to establish that no breach occurred. American Recovery and Reinvestment Act of 2009 (ARRA) provisions on health information Read More