Header graphic for print
HealtHITechLaw HIPAA, HITECH and Beyond

Monthly Archives: March 2012

HIPAA/HITECH Final Rules Received by OMB

Posted in Rulemaking

Finally.  The Office of Management and Budget (“OMB”) has received the long-awaited Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules.  The estimated timeframe is approximately 90 days for OMB to undertake its review.  We hope to have the final rules by the end of June.

Blue Cross Blue Shield Settles HIPAA Violation With HHS for $1.5 Million

Posted in Enforcement

On March 13, 2012, HHS announced that Blue Cross Blue Shield of Tennessee (“BCBST”) has agreed to pay it $1.5 million to settle  potential HIPAA violations arising from the theft of 57 unencrypted computer hard drives from a leased facility in Tennessee.  This settlement is significant because it is OCR’s first enforcement action arising out… Continue Reading

Additional Liabilities From Breach May Be Significant

Posted in Litigation

Liability from a breach of health information may be much more significant than the costs of notifying the affected individuals. Although there is no private right of action under HIPAA, private litigants have been attempting to devise theories which would support recovery of damages for violations of HIPAA. A recently amended complaint alleges that victims… Continue Reading