In a recent interview with an official from the federal Office of Civil Rights (OCR), which enforces HIPAA privacy and security rules, three emerging areas of concern were identified for covered entities. 

Hacking and ransomware continue to be a significant problem for the health-care sectors and covered entities must develop and maintain an incident response plan to deal with these attacks. 

OCR also advised that health-care providers have to be particularly careful when responding to patient complaints on online platforms, if they respond at all. These responses could result in the wrongful disclosure of protected health information of their patients, resulting in significant OCR enforcement actions.  

Finally, HIPAA-covered entities must exercise caution when employing website tracking technologies particularly around business associates agreements and obtaining patient consent.  

Reference

Lewis J. (2023) OCR Official Speaks About Compliance Concerns for HIPAA-Covered Entities and Business Associates JDSUPRA (accessed August 21, 2023).

Share this

Related Posts

Academy Endorses Congressional Review Act Resolution to Protect Student Access and Workforce Development: Call to Action

Virginia Board Advances Rulemaking to Restore ABA Certification Pathway

Academy Urges Action on Federal Student Loan Changes

Recent Posts

Academy Endorses Congressional Review Act Resolution to Protect Student Access and Workforce Development: Call to Action

The American Academy of Audiology has formally endorsed the Congressional Review Act (CRA) resolution introduced by Senator Jeff Merkley (D-OR) and Representative Suzanne Bonamici (D-OR)…

Read More

Planting the Seeds of Change

I know it’s an overused cliché, but spring has sprung! Up here in the northern tundra lands of Minnesota, spring is a highly anticipated season…

Read More

Better Hearing and Balance Begins with Us!

Spring is here, and you know what that means! I’ll save you the ‘flowery’ tag lines this year, but we would be amiss if we…

Read More