The Sm@rtEdgeLaw Group

- "Smart companies need a Sm@rtEdge" TM

Category: HIPAA/HITECH

Record HIPAA Violation Settlement – $16 million

Think HIPAA fines aren’t serious for violations of security and privacy rules around Protect Health Information? You may want to think again. Here’s the headline from a story out today: “Anthem Mega-Breach: Record $16 Million HIPAA Settlement“, which links to our friends at Gov InfoSecurity https://www.govinfosecurity.com/anthem-mega-breach-record-16-million-hipaa-settlement-a-11622 Though many enter into HIPAA/HITECH-driven Business Associate Agreements on a near […]

New Cloud Computing Guidance From Health & Human Services’ OCR

The digital world has migrated to the Cloud, on both personal and business levels.  But for “covered entities” and “business associates” subject to the Health Insurance Portability and Accountability Act regime, better known by the moniker of “HIPAA”, many CE and BA’s must often determine how (and whether) they can take advantage of cloud computing while […]

2014 Trends in State Data Breach Laws

A recent publication from the National Conference of State Legislatures has highlighted several intriguing trends with regards to recent and upcoming data breach legislation.  Given most states reactive nature, the 2013 holiday season generated a “we must do something!” response in many state capitols following the front page data breaches of Target and Neiman Marcus. […]

Ready for Your HIPAA Compliance Audit? HHS’ OCR Sure Is…

It’s been a long time coming. Now it’s here.  The Department of Health and Human Services’ Office for Civil Rights (“OCR”) recently placed a notice in the Federal Register that it intends to survey up to 1,200 covered entities (health plans, health care clearinghouses, and certain health care providers) and business associates to “determine their […]

Finally. Google Cloud Announces it will enter into HIPAA BAA’s

Well, it took long enough.  Google Cloud Platform service has finally publicly announced they will willingly enter into Business Associate Agreements (“BAA’s”) with “Covered Entities” regarding use of Google Cloud services and Protected Health Information (“PHI”).  Google’s announcement comes nearly five months the after Sept 23, 2013 effective date for compliance with the HIPAA/HITECH Omnibus […]

FTC’s 50th Data Security Settlement Highlights Best Practices

The FTC’s recently announced “50th data security settlement,” with GMR Transcription Services, has been highlighted by the Commission as a “golden opportunity to check your [data security] practices.”  We agree. The facts behind the settlement read like a veritable case study of what not to do and how companies get into hot water with regulators […]

Ponemon Study on Patient Privacy Highlights Security Failings

Released today, the Ponemon Institute‘s Third Annual Benchmark Study on Patient Privacy & Data Security (available at, http://www2.idexpertscorp.com/ponemon2012/) starkly highlights the continued serious challenges faced by healthcare organizations in adequately safeguarding protected health information (“PHI”). As the study notes straight out of the gate “the threats to healthcare organizations have become increasingly more difficult to […]

© 2014-2022 Sm@rtEdge LLC. All Rights Reserved. Attorney advertising. Prior results do not guarantee a similar outcome. Site Map Privacy Policy Frontier Theme