The Internal Revenue Service, U.S. Dept. of Labor, and U.S. Dept. Read more

New regulations are being proposed by the U.S. Dept. of Health and Human Services which would require health care providers, health plans, and other entities covered by the Health Insurance Portability and Accountability Act to notify individuals when their health information is breached. Read more

The U.S. Dept. Read more

The Office of Civil Rights in the U.S. Health and Human Services Dept. has issued two brochures informing consumers of their medical information privacy rights in Chinese, Korean, Polish, Russian, Tagalog, and Vietnamese in addition to English and Spanish. Read more

Companies who have health promotion or disease prevention programs should ensure that its program complies with U.S. Dept. of Labor regulations on the implementation of wellness programs under the Health Insurance Portability and Accountability Act. Read more

Small employer group health plans must notify participants about their privacy rights under the Health Insurance Portability and Accountability Act at least once every three years. Plans with annual receipts of $5 million or less were first required to distribute the HIPAA privacy notice on April 14, 2004. Read more

The Employee Benefits Security Administration has released two self-compliance tools for group health plans and other parties to evaluate compliance with requirements under HIPAA and the Affordable Care Act. Read more

Medical records for a spouse’s back surgery is relevant to discover whether the employee misused leave under the Family and Medical Leave Act, a federal court in Connecticut says, ordering that the records be disclosed under the privacy regulations pursuant to the Health Insurance Portability and Accountability Act. Read more

Blue Cross Blue Shield of Tennessee has agreed to pay the U.S. Department of Health and Human Services $1.5 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 Privacy and Security Rules. The insurance company has also agreed to a corrective action plan to address gaps in its HIPAA compliance program. The enforcement action is the first resulting from a breach report required by the Health Information Technology for Economic and Clinical Health Act Breach Notification Rule. Read more

The Office for Civil Rights in the U.S. Dept. of Health and Human Services has launched a pilot program for up to 150 audits to assess privacy and security compliance of covered entities and business associates with the Health Insurance Portability and Accountability Act’s Privacy and Security Rules and Breach Notification standards. Read more

The Department of Health and Human Services has released its final omnibus rule under the Health Insurance Portability and Accountability Act. Read more

The U.S. Department of Health and Human Services Office for Civil Rights has imposed a civil money penalty of $4.3 million on Cignet Health of Prince George’s County, Md. for violating patients’ rights by denying them access to their medical records, which is required by the Privacy Rule of the Health Insurance Portability and Accountability Act. The HHS civil money penalty is the first for a covered entity’s violations of the HIPAA Privacy Rule. Read more