Children’s Mercy Hospital Sued in the Wake of Large-Scale Data Breach

Phishing emails were the culprit behind a giant data breach at Children’s Mercy Hospital that led to the theft of 63,049 patients’ confidential information. Although the federal government has not yet sought action in relation to the breach, a private Missouri law firm filed a class action lawsuit against the hospital, seeking damages for those whose personal …

HIPAA Settlement Demonstrates Importance of Timely Breach Notification

HIPAA legislation requires that when more than 500 individuals are affected by a breach of protected health information (PHI), covered entities are required to notify the individuals, the media, and the U.S. Department of Health and Human Services Office for Civil Rights (OCR) “without unreasonable delay” and within 60 days. …

Are You Ready for Phase 2 Audits?

Are You Ready for Phase 2 Audits? With Phase 2 of the HIPAA Audit Program officially underway, the HHS Office for Civil Rights (OCR) is demonstrating its continued efforts to ensure that protected health information (PHI) is being properly safeguarded by covered entities and their business associates. Both ebtities and …