Finally. The Office of Management and Budget (“OMB”) has received the long-awaited Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules. The estimated timeframe is approximately 90 days for OMB to undertake its review. We hope to have the final rules by the end of June.
On March 13, 2012, HHS announced that Blue Cross Blue Shield of Tennessee (“BCBST”) has agreed to pay it $1.5 million to settle potential HIPAA violations arising from the theft of 57 unencrypted computer hard drives from a leased facility in Tennessee. This settlement is significant because it is OCR’s first enforcement action arising out… Continue Reading
Liability from a breach of health information may be much more significant than the costs of notifying the affected individuals. Although there is no private right of action under HIPAA, private litigants have been attempting to devise theories which would support recovery of damages for violations of HIPAA. A recently amended complaint alleges that victims… Continue Reading