Skip to content

Physician Law Blog

We provide insights and analysis for physicians, nurses, chiropractors, dentists, physical therapists and other health professionals on issues impacting their practices.

Physician Law Blog
March 20, 2020

Telehealth Expanded and HIPAA Requirements Waived

The Centers for Medicare & Medicaid Services (CMS), The Health and Human Services Department (HHS), as well as other health related federal agencies, have continued to waive requirements, or expand services and benefits in an effort to help contain the COVID-19 virus.

Physician Law Blog
June 22, 2018

Sidestepping Encryption? Better Be Ready To Pay Millions for HIPAA Violations

Earlier this week, the University of Texas MD Anderson Cancer Center was ordered to pay a staggering $4,348,000.00 in order to resolve HIPAA violations from data breaches occurring in 2011, 2012, and 2013.The extremity of the penalties is explained by the fact that the data breaches were completely preventable. Generally, covered entities and business associates under the Health Insurance Portability and Accountability Act (HIPAA) are required to ensure confidentiality, integrity, and availability of all electronic protected health information (ePHI) that is created, received, maintained, or transmitted, and protect that information from reasonably anticipated threats and impermissible uses.

Physician Law Blog
April 30, 2015

Happy HIPAA Thursday - Paper Records Count too!

Just ask Cornell Prescription Pharmacy about disposal of unshredded paper pharmacy records containing protected health information (PHI), and you will hear that this pharmacy paid $125,000 plus it has entered a Resolution Agreement with the OCR. Not only is this pharmacy paying a significant penalty, it will be under a corrective action plan to correct deficiencies in their HIPAA compliance program and must submit the members of their workforce to receive training on that program within 30 days of implementing the policies and procedures.