HIPAA Enforcement: CVS Case Example

While understanding privacy law and how it should be implemented is important, it is equally important to know how such laws are enforced and investigated by the U.S. Government. The following case explains the corrective action the Office of Civil Rights under the Department of Health and Human Services was forced to take ensure compliance of a covered entity that had significantly and repeatedly violated the Privacy Rule of HIPAA.

Following reports of improper disposal of personal health information (PHI) the OCR launched an investigation into the information practices of CVS Entities in September 2007. Their review found the following:

Between [...]

  • Share/Bookmark
June 15th, 2010 | Tags: , , , , , , , , , , , | Category: CIPP, Compliance & Regulations | Leave a comment

HIPAA Enforcement Process

The Health Insurance Portability and Privacy Act was passed in 2003. Since then HIPAA has become one of the most consistently enforced privacy laws to date. Enforcement falls largely to the Department of Health and Human Service’s Office of Civil [...]

  • Share/Bookmark
May 25th, 2010 | Tags: , , , , , , , | Category: CIPP, Compliance & Regulations | Leave a comment

HIPAA: Health Information Portability and Accountability Act

HIPAA is a sectoral law that was first developed in 1996, to enact several changes in the healthcare industry. Among these changes are a security rule and privacy rule which protect personal health [...]

  • Share/Bookmark
January 25th, 2010 | Tags: , , , , , | Category: CIPP, Compliance & Regulations | 2 comments