PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

A Major Move to Weaken HIPAA

HIPAA Penalties Reduced

Quietly, at the end of April, HIPAA was significantly weakened.  HHS published what sounds like an innocuous notification in the Federal Register: Notification of Enforcement Discretion Regarding HIPAA Civil Money Penalties.  This notification is actually an enormous change to the HIPAA penalty structure, a drastic reduction in HIPAA fines. The existing penalty structure under HIPAA […]

Read More…

HIPAA Whiteboard and HIPAA Interactive Whiteboard

HIPAA Whiteboard

Recently, I created two new HIPAA training resources. HIPAA Whiteboard I created a 1-page visual summary of HIPAA, which I call the HIPAA Whiteboard.  The idea was to summarize HIPAA in a concise and visually-engaging way.  You can download a PDF handout version here.  We’ve been licensing it to many organizations for training and awareness purposes. […]

Read More…

Blogging Highlights 2015: Health Privacy+Security Issues

HIPAA Training

I’ve been going through my blog posts from 2015 to find the ones I most want to highlight.  Here are some selected posts about health privacy and security: Why HIPAA Matters: Medical ID Theft and the Human Cost of Health Privacy and Security Incidents […]

Read More…

The Most Alarming Fact of the HIPAA Audits

by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #5 of a series called Enforcing Privacy and Security Laws. Under the Health Insurance Portability and Accountability Act (HIPAA), various organizations can be randomly selected to be audited – even if no complaint has been issued against them and […]

Read More…

The Brave New World of HIPAA Enforcement

by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #4 of a series called Enforcing Privacy and Security Laws. The Health Insurance Portability and Accountability Act (HIPAA) regulations govern health information maintained by various entities covered by HIPAA (“covered entities”) and other organizations that receive health information from […]

Read More…