In a recent interview with an official from the federal Office of Civil Rights (OCR), which enforces HIPAA privacy and security rules, three emerging areas of concern were identified for covered entities. 

Hacking and ransomware continue to be a significant problem for the health-care sectors and covered entities must develop and maintain an incident response plan to deal with these attacks. 

OCR also advised that health-care providers have to be particularly careful when responding to patient complaints on online platforms, if they respond at all. These responses could result in the wrongful disclosure of protected health information of their patients, resulting in significant OCR enforcement actions.  

Finally, HIPAA-covered entities must exercise caution when employing website tracking technologies particularly around business associates agreements and obtaining patient consent.  

Reference

Lewis J. (2023) OCR Official Speaks About Compliance Concerns for HIPAA-Covered Entities and Business Associates JDSUPRA (accessed August 21, 2023).

Share this

Related Posts

Termination of Federal EHDI Grants

Congress Introduces Legislation to Protect Audiology Students’ Access to Federal Loans

Academy Presents Inaugural AAA National Health Leadership Award to Representative Bilirakis

Recent Posts

Your Professional Growth Starts Here

Ready to level up your career? You told us professional and leadership growth matters—especially for those newer to the field and eager to build their…

Read More

Termination of Federal EHDI Grants

Earlier this week, the Academy learned that seven federal cooperative agreements funded by the U.S. Health Resources and Services Administration (HRSA) are being terminated. Despite…

Read More

Discover What’s New (and Worth the Trip) at AAA 2026

We’re gearing up for an unforgettable convention, and we’re excited to share what’s new in San Antonio! This year’s convention brings fresh programming, expanded learning…

Read More