In our November 30, 2011 and March 7, 2012 posts, we discussed the HHS Office for Civil Rights (OCR) audit pilot program, which began in November 2011 and is expected to conclude in December 2012. The audit program has been developed pursuant to the … [Read more] about HHS/OCR Posts HIPAA Privacy, Security and Breach Notification Audit Protocol
HIPAA/HITECH Act Privacy Rule Delayed?
Despite recent indications from HHS and the Director of HHS’s Office for Civil Rights (OCR) that the HIPAA/HITECH Act Omnibus Final Rule is extremely close to publication, the White House’s Office of Management and Budget (OMB) has extended its … [Read more] about HIPAA/HITECH Act Privacy Rule Delayed?
Vermont and Connecticut Add Attorney General Notification to Data Breach Notice Statutes
In what appears to be a growing trend, Vermont and Connecticut have added a requirement to separately notify the states’ Attorney General’s office of a data breach involving the personal information of Vermont and Connecticut residents. … [Read more] about Vermont and Connecticut Add Attorney General Notification to Data Breach Notice Statutes
HIPAA/HITECH Act Privacy Rule Coming in July 2012?
In March, we reported that the U.S. Department of Health and Human Services (HHS) had submitted the HIPAA/HITECH Act Omnibus Final Rule to the Office of Management and Budget (OMB) for review under Executive Order 12866, and that OMB had up to 90 … [Read more] about HIPAA/HITECH Act Privacy Rule Coming in July 2012?
Illinois Joins Maryland in Limiting Employer’s Access to Employee Facebook Pages
On May 23, Illinois followed in Maryland’s footsteps to become the second state to pass a law prohibiting employers from asking employees or job applicants for their passwords to social networking websites. Although the Illinois governor must … [Read more] about Illinois Joins Maryland in Limiting Employer’s Access to Employee Facebook Pages