DOJ Announces $3.2 Million Settlement with California Hospital Over Alleged Stark Law Violations

The Department of Justice recently announced a $3.2 Million settlement with Tri-City Medical Center related to allegations it violated the Stark Law and False Claims Act.  Tri-City Medical Center, a hospital in Oceanside, California, allegedly maintained financial arrangements with community-based physicians and physician groups that failed to comply with the Stark Law.   Stark, the physician self-referral law, forbids a hospital from billing Medicare for certain services referred by physicians who have a financial relationship with the hospital unless that… Read More >

When Does HIPAA Require Providers to E-mail Patients? Additional Guidance

On January 7, 2015, the Office of Civil Rights (OCR) for the Department of Health and Human Services (HHS) posted a new fact sheet and list of FAQs on the issue of individuals’ access rights under the HIPAA. This document addresses numerous issues associated with the patient’s right to receive copies of their medical information that is kept in a “designated record set” and also provides additional guidance on the issue of emailing patients upon the patient’s request. HIPAA gives… Read More >

$3.5 Million Dollar HIPAA Settlement Highlights Scrutiny of Business Associate Relationships

On November 30, 2015, the Department of Health and Human Services Office for Civil Rights (OCR) announced that it had reached a $3.5 Million Dollar Settlement with Triple-S Management Corporation, an insurance holding company located in San Juan, Puerto Rico. The settlement was the result of OCR’s investigation of multiple HIPAA breaches, some of which included Triple-S business associates.  OCR’s findings included several allegations related to business associates including: Failure to have appropriate business associate agreements Violation of the minimum… Read More >


Chief Administrative Law Judge Chappell issued an initial decision in the Federal Trade Commission action against LABMD, Inc., dismissing the case against the now defunct LABMD.   In his decision ALJ Chappell determined that: “To impose liability for unfair conduct under Section 5(a) of the FTC Act, where there is no proof of actual injury to any consumer, based only on an unspecified and theoretical “risk” of a future data breach and identity theft injury, would require unacceptable speculation and would… Read More >