HIPAA News Archive

News by year: 2014 | 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000

2014

HIPAA Settlement Underscores the Vulnerability of Unpatched and Unsupported Software - December 2, 2014

New Guidance on HIPAA in Emergency Situations - November 10, 2014

Reminder of End of NPP Enforcement Delay for CLIA Labs - October 3, 2014

$800,000 HIPAA Settlement in Medical Records Dumping Case - June 23, 2014

Data Breach Results in $4.8 Million HIPAA Settlements - May 7, 2014

Concentra Settles HIPAA Case for $1,725,220 - April 22, 2014

QCA Settles HIPAA Case for $250,000 – April 22, 2014

County Government Settles Potential HIPAA Violations - March 7, 2014

Security Risk Assessment Tool Released - 3/28/14

New Guidance on HIPAA Privacy Rule and Sharing Information Related to Mental Health - 2/20/14

Spanish Language Model Notices of Privacy Practices - 2/13/14

Digital Privacy Notice Challenge open through April 7 - 2/10/14

HHS Strengthens Patients’ Right to Access Lab Test Reports - 2/3/14

HIPAA Privacy Rule and the National Instant Criminal Background Check System (NICS) - 1/7/14

2013

Resolution Agreement with Adult & Pediatric Dermatology, P.C. of Massachusetts - December 20, 2013

HHS Settles with Health Plan in Photocopier Breach Case - August 14, 2013

WellPoint Settles HIPAA Security Case for $1,700,000 - July 11, 2013

Shasta Regional Medical Center Settles HIPAA Privacy Case for $275,000 - June 13, 2013

Idaho State University Settles HIPAA Security Case for $400,000 - May 21, 2013

2012

HHS announces first HIPAA breach settlement involving less than 500 patients - December 31, 2012

Massachusetts Provider Settles HIPAA Case for $1.5 Million – September 17, 2012

Alaska DHSS Settles HIPAA Security Case for $1,700,000 – June 26, 2012

Conference on Safeguarding Health Information: Building Assurance through HIPAA Security, June 6 & 7, 2012

HHS Settles Case with Phoenix Cardiac Surgery for Lack of HIPAA Safeguards - April 13, 2012

HHS settles HIPAA case with BCBST for $1.5 million - March 13, 2012

2011

Notice of Proposed Rulemaking to Amend CLIA and the HIPAA Privacy Rule - 9/14/2011 (GPO)

HITECH Act Reports to Congress  - 9/1/11

Notice of Proposed Rulemaking for HIPAA Privacy Rule Accounting of Disclosures under HITECH

• Press release about proposed rulemaking – 5/31/11

Mass General Hospital Settles Potential HIPAA Violations

• Press Release -2/24/11

HHS Imposes a $4.3M Civil Money Penalty for HIPAA Privacy Rule Violations

• Press release about penalties for HIPAA violations - 2/22/11

2010

Breach Notification Final Rule Update - 7/28/10

Resolution Agreement with Rite Aid Corporation - 7/27/10

Notice of Proposed Rulemaking to Implement HITECH Act Modifications – 7/14/10

Risk Analysis Final Guidance - 7/14/10

HITECH Notice of Proposed Rulemaking - 7/08/10

HITECH Accounting of Disclosures Request for Information - 5/03/10

HITECH Act Rulemaking and Implementation Update

• Press Release - 03/15/10

2009

Patient Safety Rule Penalty Inflation Adjustment Effective - 11/23/09

HITECH Enforcement Interim Final Rule - 10/29/09

GINA Notice of Proposed Rulemaking - 10/1/09

Patient Safety Rule Penalty Inflation Adjustment - 8/25/09

HITECH Breach Notification Interim Final Rule - 8/19/09

Regional Office Privacy Advisors - 8/14/09

Secretary Delegates HIPAA Security Rule to OCR

• Press release about delegating the security rule to OCR - 8/3/09

HITECH Breach Notification Guidance and Request for Public Comment - 4/17/09

• Press release about guidance for securing health information and preventing breaches - 4/17/09

Resolution Agreement with CVS Pharmacy, Inc. - 2/18/09

• Press Release bout CVS Privacy Case - 2/18/09

HIPAA & Disposal of Protected Health Information FAQs - 2/18/09

HIPAA and Family Medical History FAQs- 1/13/09

• Press Release about the Surgeon General's New Family Health History Tool – 1/13/09

2008

HIPAA & Health Information Technology Guidance - 12/15/2008

HHS/ED Joint Guidance on the Application of FERPA and HIPAA to Student Health Records - 11/25/08

HIPAA Privacy Guides to Communications with Family, Friends, and Others Involved in a Patient's Care - 9/16/08:

• Patient Guide: When Health Care Providers May Communicate About You with Your Family, Friends, or Others Involved in Your Care
• Provider Guide: Communicating with a Patient's Family, Friends, or Others Involved in a Patient's Care

HHS and Providence Health & Services enter Resolution Agreement - 7/15/08

• Press Release about the Agreement 7/17/08

New Patient Safety Proposed Regulation Aims to Improve Health Care Quality and Patient Safety - 02/12/08

2006

OCR granted authority to enforce confidentiality protections of the Patient Safety and Quality Improvement Act of 2005 Delegation of Authority - 5/19/06

Updated Version of HIPAA Administrative Simplification Regulation Text - 4/5/06

Final Enforcement Rule Published - 2/16/06

2005

Hurricane Katrina Bulletin #2: Compliance Guidance and Enforcement Statement - 9/9/05

Bulletin: Disclosing PHI in Emergency Situations - 9/2/05

Proposed Enforcement Rule Published - 4/18/05

2004

Expiration Date for CMP Procedures Rule Extended to September 2005 - 9/16/04

New Consumer Fact Sheets

• Privacy and Your Health Information - 8/17/04
• Your Health Information Privacy Rights - 8/17/04 

Using OCR resources to fight myths about the Privacy Rule - 5/18/04

2003

OCR issues caution about misleading marketing on HIPAA training - 8/4/03

How to File a Privacy Complaint Fact Sheet and Privacy Complaint Form posted in Spanish/en Espanol - 4/29/03

Interim Final Rule: Civil Money Penalties: Procedures for Investigations, Imposition of Penalties, and Hearings - 4/17/03

Privacy Guidance about Authorizations for Research and Institutional Review Boards - 4/15/03

Protecting the Privacy of Patients' Health Information Fact Sheet - 4/14/03

OCR posts Summary of the HIPAA Privacy Rule- 4/11/03

Statement by Tommy G. Thompson Secretary of Health and Human Services Regarding New Federal Privacy Regulations  - 04/11/03

CDC and HHS issue guidance about the HIPAA Privacy Rule and Public Health (CDC) - 4/11/03

Notice of Addresses for Submission of HIPAA Privacy Complaints published in Federal Register  - 3/20/03

Notice of Address for Submission of Requests for Preemption Exception Determination published in Federal Register  - 3/11/03

HHS adopts final security standards for protecting individually identifiable health information when it is maintained or transmitted electronically by health plans, certain health care providers, and health care clearinghouses.

• Press release on final security standards for HIPAA - 2/13/03

2002

OCR Guidance Explaining Significant Aspects of the HIPAA Privacy Rule - 12/4/02

Complete Regulation Text for the Privacy Rule (Parts 160 and 164), as modified 5/31/02 and 8/14/02  - 10/8/02

HHS Final Changes to Privacy Rule that Protect Privacy, Access to Care.  HHS Secretary Tommy G. Thompson issues final changes to HHS' health privacy regulations to ensure strong privacy protections while correcting unintended consequences that threatened patients' access to quality health care - 8/9/02

• Press release on final modifications - 8/9/02

Final Modifications to the Privacy Rule, Federal Register  - 8/14/02

HHS Deputy Secretary Claude A. Allen Testifies Before the Senate Health, Education, Labor, and Pensions Committee on the Proposed Modifications to the Privacy Rule. Read Deputy Secretary Allen’s testimony. - 4/16/02

2001

HHS Issues First Guidance on New Patient Privacy Protections - 7/6/01

Statement by Secretary Tommy G. Thompson Regarding the Patient Privacy Rule - 4/12/01

Press Release on Effective Date Delay and 30-Day Public Comment Period  - 2/23/01

2000

HHS Announces Final Regulation Establishing First-Ever National Standards to Protect Patients' Personal Medical Records, Press Release - 12/20/00

Remarks by the President on Medical Privacy - 12/20/00