In a recent interview with an official from the federal Office of Civil Rights (OCR), which enforces HIPAA privacy and security rules, three emerging areas of concern were identified for covered entities. 

Hacking and ransomware continue to be a significant problem for the health-care sectors and covered entities must develop and maintain an incident response plan to deal with these attacks. 

OCR also advised that health-care providers have to be particularly careful when responding to patient complaints on online platforms, if they respond at all. These responses could result in the wrongful disclosure of protected health information of their patients, resulting in significant OCR enforcement actions.  

Finally, HIPAA-covered entities must exercise caution when employing website tracking technologies particularly around business associates agreements and obtaining patient consent.  

Reference

Lewis J. (2023) OCR Official Speaks About Compliance Concerns for HIPAA-Covered Entities and Business Associates JDSUPRA (accessed August 21, 2023).

Share this

Related Posts

Dr. Oz Seeks to Become CMS Administrator

Update on the Continuing Resolution

House CR Extends Medicare Telehealth, Omits Expected Provider Fix

Recent Posts

AAA 2025+HearTECH Expo: Ready, Set…Go!

And we’re off! The first morning of AAA 2025+HearTECH Expo kicked off with a bang, beginning with our hands-on learning labs. Attendees dove into a…

Read More

Cholesterol in Adults 

Carroll et al. (2024) used data from the August 2021–August 2023 National Health and Nutrition Examination Survey to estimate the prevalence of both high total…

Read More
Close-up of acorns on a small branch of the northern red oak / shutterstock.com

Audiology Eggcorns: When Misheard Words Take on a Life of Their Own

How many times have you heard a patient use an incorrect word during speech recognition testing? Hundreds? A search of any social media audiology group…

Read More