Tag archives: OCR

COVID-19 Update: FDA Inspections Signal Resumption of Government Enforcement Efforts

On July 10, 2020, the U.S. Food and Drug Administration (FDA) announced it would resume domestic on-site inspections beginning the week of July 20. Due to the COVID-19 pandemic, the FDA suspended inspections of facilities in March “to help slow the spread of the virus and help flatten the curve of the COVID-19 pandemic.” To … Continue reading

OCR proposes to share HIPAA data breach settlements with victims

By on May 22, 2018 Posted in Regulatory

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) plans to issue an advance notice of proposed rulemaking this November on potentially sharing HIPAA breach settlements with victims. The notice would solicit public opinion on creating a process for sharing a percentage of any penalty or settlement with those harmed … Continue reading

HHS OCR issues cyber extortion newsletter

By Alexis Wilpon (US) on February 1, 2018 Posted in Regulatory

This week, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a January 2018 newsletter focusing on “cyber extortion.” Cyber extortion often involves an attacker gaining access to an organization’s computer system, stealing sensitive information, and threatening to publish the information. Healthcare and public health organizations are often the … Continue reading

OCR issues guidance on HIPAA Security Rule Compliance and mobile health apps

By Mark Faccenda (US) on March 1, 2016 Posted in Regulatory

The U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) recently published two guidance documents to aid organizations in complying with HIPAA. The Crosswalk The HIPAA Security Rule Crosswalk to NIST Cybersecurity Framework (the “Crosswalk”), developed in connection with the National Institute of Standards and Technology (“NIST”) and the Office of the … Continue reading