One of the nation’s largest non-profit hospital systems entered into a multi-million-dollar settlement and Corrective Action Plan (CAP) with the US Department of Health and Human Services’ Office for Civil Rights (HHS OCR) in relation to potential violations of the Health Insurance Portability and Accountability Act (HIPAA) involving Protected Health Information. The hospital system retained CRA to serve as the OCR-approved assessor under the terms of the CAP, focusing on compliance with policies and procedures related to information security and data privacy. CRA is assisting the hospital system in complying with its obligations under the CAP, strengthening the efficacy of its information security and privacy program, and enhancing its culture of compliance.
Climate disclosure opens up litigation path
As the market awaits the final version of the proposals on enhanced climate disclosures by issuers, sources have been speculating on the different kinds of...