The University of Rochester Medical Center (URMC), one of the largest health systems in New York, recently agreed to a $3 million settlement for potential violations of the Health Insurance Portability and Accountability Act (HIPAA). In 2013, URMC filed a breach report to the United States Department of Health and Human Services, Office for Civil Rights (OCR) due to the loss of an unencrypted flash drive containing electronic Protected Health...

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) imposed a $2,154,000 civil money penalty against Jackson Health System (JHS), a nonprofit academic medical system in Florida, for numerous violations of the Health Insurance Portability and Accountability Act (HIPAA) that occurred between 2013 and 2016. The HIPAA violations included the loss of 756 paper patient records containing Protected Health Information (PHI); unauthorized employee access of patient...

Last week, the Office for Civil Rights (OCR) announced a settlement related to allegations that a dental practice disclosed protected health information on its Yelp review page. The original complaint, filed in 2016, alleged that the practice impermissibly disclosed a patient's last name, details of her treatment plan, insurance, and cost information when responding to the patient's negative review. An OCR investigation revealed that this was not the only instance...

Federal prosecutors in Florida and Louisiana have filed multiple indictments related to a nationwide telemedicine fraud scheme involving genetic testing. The arrangement included at least 35 individuals and has resulted in the submission of more than $2.1 billion of fraudulent claims. Earlier this week, federal prosecutors for the United States Department of Justice charged the CEO of LabSolutions, LLC, the owners of telemedicine companies Lotus Health, LLC, MedSymphony, LLC, and...

The California Department of Health Care Services recently revised its Medi-Cal Provider Manual (the "Manual") to permit additional flexibility for providers who wish to render health care services through telehealth. Medi-Cal defines telehealth as: "The mode of delivering health care services and public health via information and communication technologies to facilitate the diagnosis, consultation, treatment, education, care management and self-management of a patient's health care while the patient is at...