We have previously blogged about the U.S. Department of Health & Human Services HIPAA Audit Program, including the Audit Program pilot (November 30, 2011 and March 7, 2012), the release of the Office for Civil Rights (OCR) audit protocols (June … [Read more] about Alston & Bird Health Care Advisory: HIPAA Audit Program Phase 2 Update
New California Law Expands Data Security Requirements, SSN Protections and Breach Notification Obligations
On September 30, 2014, the Governor of California signed Assembly Bill 1710, which made three small but important changes to the state’s privacy laws. The bill: (1) amended California’s breach notification law to require that the notifying entities … [Read more] about New California Law Expands Data Security Requirements, SSN Protections and Breach Notification Obligations
Laboratories Must Comply with New HIPAA Patient Access Rules by October 6, 2014
HIPAA covered laboratories and hospitals with laboratories subject to the Clinical Laboratory Improvement Amendments of 1988 (“CLIA”) must comply with changes to the HIPAA Privacy Rule that provide patients with direct access to laboratory test … [Read more] about Laboratories Must Comply with New HIPAA Patient Access Rules by October 6, 2014
WP29 Announces a Common “Tool-Box” Approach to Handling of Complaints under the Right to be Forgotten
On September 18, 2014, the Article 29 Working Party (the “WP29”) issued a press release, announcing that the European data protection authorities agreed on a common “tool-box” approach to handling complaints lodged due to … [Read more] about WP29 Announces a Common “Tool-Box” Approach to Handling of Complaints under the Right to be Forgotten
HIPAA Audit Program Phase 2: Delayed
A representative of the U.S. Department of Health and Human Services’s Office for Civil Rights (OCR) has recently revealed that OCR has delayed the start of phase 2 of its HIPAA Audit Program – and has revised its plans for phase 2. Previous Plans … [Read more] about HIPAA Audit Program Phase 2: Delayed