Cory Fox

Cory Fox

BakerHostetler

Contact  |  View Bio  |  RSS

Latest Publications

Share:

FDA Releases Compounding Policy Documents

The U.S. Food and Drug Administration (FDA) has released five policy documents regarding compounded human drug products in connection with its continued implementation of the compounding provisions of the Drug Quality and...more

7/3/2014 - DQSA Drug Compounding Drug Manufacturers FDA FFDCA Manufacturers Prescription Drugs

Florida Gives Breach Notification Statute More Teeth

On June 20, 2014, Florida Governor Rick Scott signed the Florida Information Protection Act of 2014 (“FIPA”), which will repeal Florida’s current breach notification statute at Fla. Stat. § 817.5681 and replace it with a new...more

7/1/2014 - Cybersecurity Data Breach Enforcement FIPA New Legislation Notice Requirements Public Records Act

HHS Attorney: Major HIPAA Fines and Enforcement Coming

As regularly blogged about on the Data Privacy Monitor, the past 12 months have seen record-breaking HIPAA enforcement activity by HHS OCR. But according to recent remarks by a high-ranking HHS attorney, if you thought these...more

6/16/2014 - Data Protection Enforcement Enforcement Actions Healthcare HHS HIPAA

Stop the Presses! Senate Directs FDA to Meet With Stakeholders Before Enforcing Compounding Law

As previously discussed, the recent flurry of U.S. Food and Drug Administration (FDA) activity following passage of the Drug Quality and Security Act (DQSA) in November 2013, including the issuance of three draft guidance...more

5/29/2014 - DQSA Drug Compounding Enforcement FDA Pharmaceutical Pharmacies Prescription Drugs

FDA Regulation of Compounding Pharmacies: Unsolved Mysteries

The U.S. Food and Drug Administration (FDA) has been busy since the passage of the Drug Quality and Security Act (DQSA) in November 2013. In just five short months, the FDA has issued six warning letters referencing the...more

5/5/2014 - DQSA Drug Compounding FDA FFDCA Interstate Commerce Pharmacies

Iowa Breach Notification Law Now Requires AG Notification, Applies to Paper Records

Iowa recently joined an increasing number of states that require notification of state regulatory authorities following a breach, as well as a handful of states in which paper records can trigger notification obligations....more

4/17/2014 - Attorney Generals Cybersecurity Data Breach Notice Requirements Personally Identifiable Information

Kentucky Enacts Data Breach Notification Statute

On April 10, 2014, Kentucky Governor Steve Beshear signed H.B. 232 into law, making Kentucky the 47th state to enact data breach notification legislation. Prior to H.B. 232, Kentucky was one of only four states—including...more

4/15/2014 - Breach Notification Rule Cloud Computing Data Breach Data Protection Facebook FERPA Google Microsoft Notifications Personally Identifiable Information School Districts Students

HHS Rule Grants Patients Direct Access to Lab Test Results

The U.S. Department of Health and Human Services (HHS) recently published a Final Rule granting patients and their personal representatives access to the patient’s completed laboratory test reports directly from the lab...more

2/24/2014 - CDC CLIA CMS EHR Healthcare HHS HIPAA PHI

Healthcare Privacy – 2013 Year in Review

On January 25, 2013, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published the long-awaited HIPAA Omnibus Final Rule (Final Rule), which includes the most sweeping changes to HIPAA...more

1/3/2014 - Civil Monetary Penalty EHR Healthcare HHS HIPAA HIPAA Omnibus Rule OCR PHI Privacy Laws Subcontractors

Texas to Launch Nation's First Privacy and Security Certification "Safe Harbor"

The Texas Health Services Authority (THSA) recently announced its selection of the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF), the most widely adopted information privacy and security...more

12/19/2013 - Certifications Data Protection HHS HIPAA PHI Safe Harbors

Special Edition: Health Law Update: Senate Passes "Drug Quality and Security Act"

On November 18, 2013, the Senate, by voice vote, approved the Drug Quality and Security Act (DQSA), intended to bolster the Food and Drug Administration's (FDA) oversight of compounding pharmacies in light of last year's...more

11/20/2013 - Compliance DQSA Drug Compounding Drug Manufacturers FDA FFDCA Pharmaceutical Pharmacies Prescription Drugs

Telemarketing: HIPAA Can Reverse the Charges Under the TCPA

The Telephone Consumer Protection Act (TCPA) generally limits automatically dialed and prerecorded telemarketing calls to wireless and residential phones. In the past, healthcare providers and other "advertisers" could rely...more

10/23/2013 - Exemptions FCC HIPAA Robocalling Spam TCPA Telemarketing Written Consent

FDA Releases Unique Device Identification Final Rule, Draft Guidance

On September 24, 2013, the Food and Drug Administration (FDA) published a Final Rule, which will, over the next several years, require many medical devices distributed in the U.S. to carry a unique device identifier (UDI)....more

10/18/2013 - FDA Medical Devices Unique Device Identifiers

Regulation of Compounding Pharmacies Continues to Evolve with House Passage of "Drug Quality and Security Act"

In the current environment it seems that few, if any, pieces of legislation are moving through Capitol Hill. However, there is one area that has seen significant activity: the regulation of compounding pharmacies....more

10/9/2013 - Drug Compounding FDA Pharmacies

New Survey Underscores Providers' Responsibility for Preventing Medical ID Theft

The Ponemon Institute's recent publication of its fourth annual 2013 Survey on Medical Identity Theft (Survey) confirmed what many in the healthcare industry already knew: identity theft is a serious and often overlooked...more

9/24/2013 - Fraud Healthcare Healthcare Professionals Identity Theft

After Recalls, Pharmacies Wonder How Well They REALLY Know Their Subcontractors

Pharmacy compounding has been a very hot topic over the last 12 months. Whether it is news from Capitol Hill regarding possible legislation, regulation from the Food and Drug Administration (FDA) or action by a state board of...more

9/20/2013 - Drug Compounding FDA Pharmacies Prescription Drugs Product Recalls Subcontractors

HIPAA Violation Results in $1.44 Million Jury Verdict Against Walgreens, Pharmacist

Although HIPAA does not create a private cause of action, a recent Indiana Superior Court jury verdict indicates that HIPAA could still play an important role in private causes of action in state court based on negligence and...more

8/15/2013 - Duty of Care HIPAA Jury Verdicts Negligence Pharmacies Walgreens

Hospital Disclosure of PHI to Media and Workforce Results in $275,000 Fine

HHS OCR announced today its second resolution agreement of 2013. Shasta Regional Medical Center (SRMC) has agreed to pay $275,000 and enter into a comprehensive corrective action plan (CAP) to settle an investigation opened...more

6/17/2013 - Corrective Actions Fines Healthcare HHS Hospitals Journalism OCR PHI Privacy Disclosures

Texas Bill Allows Doctors to Collect Patient Data by Swiping Driver's Licenses

The Texas Legislature recently approved S.B. 166, a bill that would allow healthcare providers, including physicians, nurses, dentists and others to collect and verify patient data by simply swiping a patient's driver's...more

5/23/2013 - Data Collection Driver's Licenses HIPAA Physicians

HHS Considers Amending HIPAA Privacy Rule to Permit Disclosure of Mental Health Information for Firearm Background Checks

Adding yet another wrinkle to the nation’s contentious gun control debate, the U.S. Department of Health and Human Services (HHS) has released an Advance Notice of Proposed Rulemaking (ANPRM) soliciting information and public...more

5/8/2013 - Background Checks Data Protection Firearms Gun Laws HHS HIPAA Mental Illness PHI

Alarm Fatigue: Joint Commission Considering National Patient Safety Guideline for Alarm-Equipped Medical Devices

The Joint Commission (TJC) recently published a Sentinel Event Alert (Alert) regarding “alarm fatigue,” which occurs when physicians are so overwhelmed by the constant barrage of medical device alarms, most of which do not...more

5/6/2013 - Medical Devices Safety Precautions

Personal Smartphones: A Ticking HIPAA/HITECH Time Bomb?

In this brave new world of health information privacy, many industry experts and healthcare organizations have emphasized the need to secure portable electronic devices such as laptops, issued to employees. But a recently...more

4/10/2013 - Bring Your Own Device Data Protection Encryption HIPAA HITECH Mobile Devices Passwords

Can Covered Entities Utilize Text Messaging and Text Paging Without Violating HIPAA?

Text messaging allows healthcare providers to deliver simple, relevant, and customizable health information instantaneously to their patients, like reminders to obtain a vaccine, take a medication or come to an important...more

3/11/2013 - Data Protection HIPAA PHI Texting

Special Edition: Health Law Update - February 28, 2013

In This Issue: - A Baker's Dozen of Significant Changes From the HIPAA/HITECH Rule 1. Business Associates and Subcontractors 2. Breach Notification 3. Covered Entity Organizational Structures 4. Cloud...more

3/1/2013 - Business Associates Cloud Computing Covered Entities Data Breach Data Protection GINA HHS HIPAA HIPAA Omnibus Rule HITECH Notice Requirements OCR PHI Subcontractors

10 Fraud and Abuse Enforcement Trends You Can't Afford to Ignore in 2013

To paraphrase a famous quote, "Those who do not learn from history are doomed to repeat it," and providers who ignore the significance of the federal government's healthcare fraud enforcements efforts in 2012 do so at their...more

2/15/2013 - Affordable Care Act C-Suite Executives Compliance Enforcement Actions Fraud Fraud and Abuse HHS HIPAA HITECH Hospitals OIG Pharmaceutical Plea Agreements Sunshine Act

30 Results
|
View per page
Page: of 2