45 CFR 160.308 - Compliance reviews

Cite as45 CFR 160.308
    • This document is available in original version only for vLex customers

      View this document and try vLex for 7 days
    • TRY VLEX
9 practice notes
  • Spencer v. Roche, Civil Action No. 08–40100–FDS.
    • United States
    • United States District Courts. 1st Circuit. United States District Courts. 1st Circuit. District of Massachusetts
    • November 8, 2010
    ...to investigate complaints and conduct compliance reviews to determine whether covered entities are in compliance. 45 C.F.R. §§ 160.306, 160.308 (2010). Therefore, any claim for invasion of privacy under HIPAA fails as a matter of law.2. Common–Law Invasion of Privacy Massachusetts has never......
  • OCR Issues Proposed Modifications to HIPAA Privacy and Security Rules to Implement HITECH Act
    • United States
    • JD Supra United States
    • July 27, 2010
    ...the covered entity has a compliant business associate agreement in 102 75 Fed. Reg. 40,880 (proposed to be codified at § 160.408). 103 45 C.F.R. § 160.308. 104 75 Fed. Reg. 40,875 (proposing to insert term “business associate” following references to “covered entity” at 45 C.F.R. §§ 160.300......
  • Highlights of the Omnibus HIPAA/HITECH Final Rule
    • United States
    • JD Supra United States
    • March 7, 2013
    ...Reg. at 5680. 25 78 Fed. Reg. at 5624-26. 26 78 Fed. Reg. at 5626, 5628. 27 78 Fed. Reg. at 5631. 28 45 C.F.R. § 160.306(c)(1). 29 45 C.F.R. § 160.308(a). 30 78 Fed. Reg. at 5579. 31 45 C.F.R. § 160.402(a). 32 45 C.F.R. § 160.402(c). 33 78 Fed. Reg. at 5581. 34 45 C.F.R. § 160.404(b)(2). 35......
  • Key Elements of the New “Omnibus” HIPAA Privacy and Security Regulations
    • United States
    • JD Supra United States
    • January 25, 2013
    ...associate.” 45 C.F.R. § 160.102. This change includes subjecting both covered entities and business associates to compliance reviews. 45 C.F.R. § 160.308. • The definition of “business associate” itself has been expanded to include: (i) A Health Information Organization, E-prescribing Gatew......
  • Request a trial to view additional results
3 cases
  • Spencer v. Roche, Civil Action No. 08–40100–FDS.
    • United States
    • United States District Courts. 1st Circuit. United States District Courts. 1st Circuit. District of Massachusetts
    • November 8, 2010
    ...to investigate complaints and conduct compliance reviews to determine whether covered entities are in compliance. 45 C.F.R. §§ 160.306, 160.308 (2010). Therefore, any claim for invasion of privacy under HIPAA fails as a matter of law.2. Common–Law Invasion of Privacy Massachusetts has never......
  • Premier Health Ctr., P.C. v. Curemd.Com, Inc., No. 17 CV 1861-LTS
    • United States
    • United States District Courts. 2nd Circuit. United States District Courts. 2nd Circuit. Southern District of New York
    • March 28, 2018
    ...procedures, or practices of the covered entity or business associate and of the circumstances regarding any alleged violation."); 45 C.F.R. § 160.308 ("The Secretary may conduct a compliance review to determine whether a covered entity or business associate is complying with the applicable ......
  • Gonzalez v. Kohout, 6:15-CV-6703G
    • United States
    • United States District Courts. 2nd Circuit. United States District Court of Western District of New York
    • November 24, 2015
    ...action for violation of the Health Insurance Portability and Accountability Act's (HIPAA) confidentiality provisions. 45 C.F.R. §§ 160.306, 160.308; Spencer v. Roche, 755 F. Supp. 2d 250, 271 (D. Mass. 2010), aff'd, 659 F.3d 142 (1st Cir. 2011).Page 4 CONCLUSION Plaintiff's claims must be d......
5 firm's commentaries
  • OCR Issues Proposed Modifications to HIPAA Privacy and Security Rules to Implement HITECH Act
    • United States
    • JD Supra United States
    • July 27, 2010
    ...the covered entity has a compliant business associate agreement in 102 75 Fed. Reg. 40,880 (proposed to be codified at § 160.408). 103 45 C.F.R. § 160.308. 104 75 Fed. Reg. 40,875 (proposing to insert term “business associate” following references to “covered entity” at 45 C.F.R. §§ 160.300......
  • Highlights of the Omnibus HIPAA/HITECH Final Rule
    • United States
    • JD Supra United States
    • March 7, 2013
    ...Reg. at 5680. 25 78 Fed. Reg. at 5624-26. 26 78 Fed. Reg. at 5626, 5628. 27 78 Fed. Reg. at 5631. 28 45 C.F.R. § 160.306(c)(1). 29 45 C.F.R. § 160.308(a). 30 78 Fed. Reg. at 5579. 31 45 C.F.R. § 160.402(a). 32 45 C.F.R. § 160.402(c). 33 78 Fed. Reg. at 5581. 34 45 C.F.R. § 160.404(b)(2). 35......
  • Key Elements of the New “Omnibus” HIPAA Privacy and Security Regulations
    • United States
    • JD Supra United States
    • January 25, 2013
    ...associate.” 45 C.F.R. § 160.102. This change includes subjecting both covered entities and business associates to compliance reviews. 45 C.F.R. § 160.308. • The definition of “business associate” itself has been expanded to include: (i) A Health Information Organization, E-prescribing Gatew......
  • OCR Issues Final Modifications to the HIPAA Privacy, Security, Breach Notification and Enforcement Rules to Implement the HITECH Act
    • United States
    • JD Supra United States
    • February 21, 2013
    ...knew of a pattern or practice of breach of the business associate agreement. OCR Investigations and Compliance Reviews (45 CFR §§ 160.306, 160.308, 160.312) The Enforcement Rule provides that OCR may, but is not required to, conduct complaint investigations or compliance reviews to determin......
  • Request a trial to view additional results

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT