Compliance
RSSArticles
-
Defendants Prevail Against Malpractice Claims Related to Hernia Surgery and Medication List
This case has many lessons to learn from the multiple defendants, multiple theories of malpractice liability, and multiple defenses. Perhaps one of the more interesting aspects of this case relates to the patient’s primary care physician, who was one of the two remaining defendants when the matter proceeded to trial.
-
Failure to Diagnose and Treat Post-Surgery Infection Leads to $1.18 Million Verdict
One of the primary takeaways from this case is the importance of keeping thorough and accurate records. Keeping thorough and accurate records is important given the length of time that lapses between the underlying medical services and the potential for legal action, particularly trials.
-
Hospital Crippled by Days-Long Cyberattack
Lurie Children’s Hospital, Chicago’s largest pediatric provider, experienced a cyberattack that crippled its email systems and most of its phone service for nearly two weeks.
-
HHS Proposes Cybersecurity Requirements for Hospitals
The Department of Health and Human Services (HHS) recently released a concept paper outlining its cybersecurity strategy for the healthcare sector, focusing specifically on strengthening resilience for hospitals threatened by cyberattacks. HHS outlined four pillars for action, including new voluntary healthcare-specific cybersecurity performance goals.
-
Patient and Family Complaints Require Careful Response
Healthcare organizations should have processes for responding to complaints from patients and families. The nature and seriousness of the complaint will dictate how much of a response is required.
-
When a Privacy Breach Is Not a Breach
Language is important when talking about noncompliance with HIPAA. Not every instance of noncompliance is a breach.
-
Ransom Demands Decrease and More Companies Refuse to Pay
The number of ransomware victims opting to pay the ransom has fallen to a record low. At the beginning of 2019, 85% of ransomware victims paid a ransom. However, that figure fell to 46% in the middle of 2021 and 29% in the last quarter of 2023.
-
HHS Issues HIPAA Best Practices for Telehealth
The Department of Health and Human Services published a resource guide to assist telehealth providers in explaining the privacy and security risks to patients, but the guidance makes clear HIPAA does not require this education. However, the goal is for the resource guide to help providers who would like to discuss potential risks with the patient.
-
First HIPAA Settlement for Ransomware, Fine for Phishing
The Office for Civil Rights achieved two firsts recently: a settlement agreement related to a ransomware attack on a business associate and the first fine issued for a phishing attack. Both cases hold lessons for other covered entities.
-
Defense Decision Reinstated for Patient’s Failure to Provide Expert Testimony
An important lesson from this case focuses on a critical aspect of medical malpractice cases: causation. Generally, the legal standard is that the care provider’s conduct must have been a substantial factor in causing harm such that a reasonable person would consider the conduct to have contributed to the harm.