June 10, 2019

Who, What, and Now What? Business Associate HIPAA Obligations

It’s likely you’ve seen post after post discussing the Office for Civil Right’s (“OCR”) recent guidance for Business Associates (“BA”) listing scenarios when BA may be directly liable for breaches of electronic Protected Health Information (“ePHI”). This is not one of those posts; instead, let’s discuss actions BA may take as a result of this… Continue Reading

May 31, 2019

$3 million settlement, HIPAA breach affects 300,000 individuals’ PHI

On May 6, 2019, the U.S. Department of Health and Human Services (“HHS”) announced a $3 million settlement with Touchstone Medical Imaging (“Touchstone”) for potential violations under the Health Insurance Portability and Accountability Act (“HIPAA”) relating to a data breach that exposed over 300,000 patients’ protected health information (“PHI”). HIPAA requires covered entities (e.g., health… Continue Reading

May 21, 2019

DOL Releases Second Guidance on Recent AHP Litigation

In response to the recent litigation surrounding association health plans (“AHPs”), the Department of Labor (“DOL”) released its second guidance on May 13, 2019, regarding the United States District Court for the District of Columbia’s decision vacating key portions of the DOL’s AHP Final Rule (“AHP Final Rule” or “Final Rule”) published on June 21,… Continue Reading

May 10, 2019

A Timeline of the AHP Final Rule and Recent Litigation

On June 21, 2018, the Department of Labor (“DOL”) published an Association Health Plan Final Rule (“AHP Final Rule” or “Final Rule”) expanding the definition of “employer” under ERISA Section 3(5) for purposes of determining how an association health plan (“AHP”) can be considered a single-employer plan under ERISA. Our previous blog recaps the AHP… Continue Reading

May 1, 2019

HHS lowers HIPAA annual upper limits to better reflect text of HITECH Act

The Department of Health & Human Services (“HHS”) has issued a Notification of Enforcement Discretion for the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”) changing the cumulative annual civil money penalties (“CMPs” or “penalties”) for each of the four penalty tiers available for violations under HIPAA. The HITECH Act’s current tier… Continue Reading

Blog Home
Browse by Category 401(k)Health & Welfare