March 2010
S M T W T F S
« Feb    
 123456
78910111213
14151617181920
21222324252627
28293031  

Legal Disclaimer

Your use of this Blog does not create an attorney-client relationship. Your e-mail or comments do not create an attorney-client relationship. We have no duty to keep confidential the information that is submitted to this blog. This blog is not a substitute for, nor does it constitute legal advice. Only an attorney who knows the details of your particular situation and is properly licensed in the applicable state (or states) is able to appropriately and properly address any legal issues you may have.

Blog Categories

Is Truly De-identified Data an Impossibility?

By Robert Hudock, on September 11th, 2009 Print This Post Print This Post

Social networking sites, efficient search tools (bing, dogpile, google, yahoo), blogs, cookies, mailing lists, message boards, active x controls/ embedded java script on websites and other databases make it easy to identify that new business prospect or easily cross-reference materials from multiple sources to yield unique insights into a matter of interest. However, these online repositories of data are making it much more difficult to maintain the anonymity of those whose confidential information has been de-identified. De-identified data has many useful purposes; the data can be used in its aggregate for tracking disease, flu outbreaks, tax purposes, etc. There is a darker use of these many data sources, where those in our society that are ethically challenged use these data sources for socially unproductive purposes. [...]

September 11th, 2009 | Tags: , , , , , , , , , , , | Category: CMS, Computer Security Law -- Federal, Deidentified Health Information, HIPAA Privacy, Health and Humans Services (HHS), Identity Theft, Individually identifiable health information, Law and Technology, Privacy, Safe Harbor Method, unsecured protected health information | Leave a comment Print This Post Print This Post

HHS Tranfers Enforcement of the HIPAA Security Rule to OCR (Office of Civil Rights)

By Robert Hudock, on August 5th, 2009 Print This Post Print This Post

It appears HHS has taken this critique to heart. HHS recently released notice of an important shift in the internal responsibility/delegation of authority for the monitoring and enforcement of the HIPAA Security Rule (and all additional health IT-related security responsibilities, under ARRA). Previously responsibility for administering (interpretation, education, guidance, FAQs, etc), monitoring and enforcing the HIPAA Security Rule was a CMS responsibility (specifically, the CMS Office of E-Standards and Services or CMS/OESS). The administration, monitoring and enforcement of the HIPAA Privacy Rule fell under the Office for Civil Rights [...]

August 5th, 2009 | Tags: , , , , | Category: CMS, Enforcement, HIPAA Security, Health and Humans Services (HHS), Office of Civil Rights, Privacy Law | Leave a comment Print This Post Print This Post
Improve the web with Nofollow Reciprocity.