In a recent interview with an official from the federal Office of Civil Rights (OCR), which enforces HIPAA privacy and security rules, three emerging areas of concern were identified for covered entities. 

Hacking and ransomware continue to be a significant problem for the health-care sectors and covered entities must develop and maintain an incident response plan to deal with these attacks. 

OCR also advised that health-care providers have to be particularly careful when responding to patient complaints on online platforms, if they respond at all. These responses could result in the wrongful disclosure of protected health information of their patients, resulting in significant OCR enforcement actions.  

Finally, HIPAA-covered entities must exercise caution when employing website tracking technologies particularly around business associates agreements and obtaining patient consent.  

Reference

Lewis J. (2023) OCR Official Speaks About Compliance Concerns for HIPAA-Covered Entities and Business Associates JDSUPRA (accessed August 21, 2023).

Share this

Related Posts

CDC Director Monarez Fired

Senate Appropriations Committee Advances FY 2026 LHHS Bill

Student Audiology Leaders Take to Capitol Hill to Champion MAAIA

Recent Posts

Academy Submits Comments on Proposed Revisions to MPFS CY 2026

In response to the Centers for Medicare and Medicaid Services (CMS) Notice of Proposed Rulemaking (NPRM) regarding revisions to Medicare payment policies under the Medicare…

Read More

CDC Director Monarez Fired

On August 27, the Centers for Disease Control and Prevention (CDC) Director Susan Monarez was abruptly fired after serving less than a month in her…

Read More

Congratulations to Our 2025 Scholarship Recipients 

The American Academy of Audiology Foundation’s mission is to promote philanthropy in support of public awareness, research, and education in audiology and hearing and balance…

Read More