HIPAA/Health Information Privacy, Security & Breach Response

West Virginia High Court Finds Standing without Harm for Invasion of Privacy Claim in State Data Breach Class Action

June 20, 2014 By Alex Brown

The West Virginia Supreme Court of Appeals recently issued an important – but outlier – decision in a data breach class action. In a per curiam decision, the Court held that the plaintiffs had standing to bring their claims even though discovery revealed that not a single class member – much less the named plaintiffs […]

Angela Burnette and Julia Dempewolf Publish Article On Student Privacy and Preventing Campus Violence

June 19, 2014 By Privacy, Cyber & Data Strategy Team

Angela Burnette, Counsel at Alston & Bird, and Julia Dempewolf, an associate at Alston & Bird, have compiled practical guidance for schools and universities to consider regarding student privacy and the prevention of school violence. Their recent article, published by LexisNexis in Health Care Law Monthly, is entitled “Clarity Instead of Confusion: Available Solutions Under […]

Transmitting PHI by Email

May 27, 2014 By Angela Burnette

Email has become an important mode of communication for business operations, with approximately 100 billion business emails sent in 2013 alone. Included in these messages are patients’ personal and health information, such as test results, diagnoses, and social security numbers. The Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 […]

OCR and ONC Release New Security Risk Assessment Tool

April 3, 2014 By Privacy, Cyber & Data Strategy Team

Late last week, the HHS Office for Civil Rights (OCR) and Office of the National Coordinator for Health Information Technology (ONC) released a security risk assessment (SRA) tool designed to help health care providers conduct risk assessments as required by the HIPAA Security Rule. Under the Security Rule, health care providers must perform risk assessments […]

HIPAA Audit Program Returning?

February 26, 2014 By Privacy, Cyber & Data Strategy Team

We previously blogged about the Office for Civil Rights’ (OCR) HIPAA Privacy, Security and Breach Audit Program (HIPAA Audit Program) on November 30, 2011, March 7, 2012, and June 26, 2012. On Monday, OCR published a notice in the Federal Register in which it essentially announces the return of its HIPAA Audit Program. In the notice, […]