In a recent interview with an official from the federal Office of Civil Rights (OCR), which enforces HIPAA privacy and security rules, three emerging areas of concern were identified for covered entities.
Hacking and ransomware continue to be a significant problem for the health-care sectors and covered entities must develop and maintain an incident response plan to deal with these attacks.
OCR also advised that health-care providers have to be particularly careful when responding to patient complaints on online platforms, if they respond at all. These responses could result in the wrongful disclosure of protected health information of their patients, resulting in significant OCR enforcement actions.
Finally, HIPAA-covered entities must exercise caution when employing website tracking technologies particularly around business associates agreements and obtaining patient consent.
Reference
Lewis J. (2023) OCR Official Speaks About Compliance Concerns for HIPAA-Covered Entities and Business Associates JDSUPRA (accessed August 21, 2023).
Recent Posts
Where Audiology Comes Together: Join Us for AAA 2027 in St. Louis
Every year, the AAA Annual Convention brings the audiology community together to learn, connect, and move the profession forward. From April 7–10, 2027, that tradition…
CMS Releases Calendar Year 2027 Proposed Medicare Physician Fee Schedule (MPFS) and Hospital Outpatient Prospective Payment System (OPPS)
The Centers for Medicare and Medicaid Services (CMS) released the 2027 Medicare Physician Fee Schedule proposed rule late on July 14, 2026, reducing the PFS…
Vestibular Exercises May Improve Outcomes in Those with Intracerebral Hemorrhage
In a recent article study by Killedar and Kanase (2026), effects of vestibular stimulation exercises were analyzed in individuals with intracerebral hemorrhage. This study randomly…



