On June 31, 2024, the Department of Health and Human Services (“HHS”) published a final rule establishing penalties for healthcare providers who violate the information blocking rules implemented under the 21st Century Cures...more
Earlier this year, the Federal Trade Commission (FTC) approved a final rule that invalidates most post-engagement non-compete covenants in all agreements. This rule prohibits use and enforcement of non-compete covenants and...more
8/19/2024
/ Compliance ,
Confidential Information ,
Employer Responsibilities ,
Employment Contract ,
Federal Bans ,
Federal Trade Commission (FTC) ,
Final Rules ,
Health Care Providers ,
Healthcare Workers ,
Non-Compete Agreements ,
Notice Requirements ,
Restrictive Covenants
On October 30, 2023, the Department of Health and Human Services (HHS) released a proposed rule establishing penalties for healthcare providers who violate the information blocking rules implemented under the 21st Century...more
12/28/2023
/ 21st Century Cures Act ,
Centers for Medicare & Medicaid Services (CMS) ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Information Technologies ,
Healthcare ,
Healthcare Reform ,
Information Blocking Rules ,
MIPS ,
OIG ,
Penalties ,
Proposed Rules ,
Regulatory Agenda
There have been several recent governmental actions which highlight the balance between securing electronic patient information and the need for interoperability and appropriate exchange of such information. This article will...more
HHS Releases Cybersecurity Guide -
On March 8, 2023 the Department of Health and Human Services released a cybersecurity implementation guide for the health care industry—the HPH Sector Cybersecurity Framework...more
The Biden Administration recently announced its intent to end the national emergency and public health emergency declarations on May 11, 2023, over three years since the COVID-19 pandemic began. While there have certainly...more
3/7/2023
/ Biden Administration ,
Coronavirus/COVID-19 ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Emergency Management Plans ,
Health Care Providers ,
Healthcare ,
Infectious Diseases ,
Popular ,
Public Health Emergency ,
Telehealth ,
Telemedicine
Providers oftentimes ask how long they need to retain certain types of medical information. While there are some general rules regarding the timeframes for retaining medical information, the specific answer varies depending...more
10/18/2022
/ Data Retention ,
Document Destruction ,
Electronically Stored Information ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Personal Information ,
PHI ,
Policies and Procedures ,
Record Retention ,
Regulatory Requirements
Cyber-attacks on health care entities are becoming increasingly frequent, and the resulting data breaches are often complex. In the event of a cyber-attack, health care entities and their business associates must adhere to...more
Getting in to see your doctor is not always as easy as picking up the phone. Often, there is a several-week-long wait for an opening, and the doctor your insurer covered last year may no longer be in-network this year. That...more
On December 2, 2020, the Centers for Medicare and Medicaid Services (“CMS”) finalized sweeping changes to the federal Physician Self-Referral Law, commonly known as the Stark Law. Many of the changes reflect CMS’ intent to...more
Providers can apply for Phase 3 funds between October 5, 2020 and November 6, 2020.
On October 1, 2020, the Department of Health and Human Services (“HHS”) announced an additional $20 billion in funding for healthcare...more
WHAT MATTERS -
Department of Health and Human Services Office for Civil Rights announces the resolution of two major discrimination complaints against healthcare providers.
Originally Published in the Birmingham Medical...more
The Office for Civil Rights (“OCR”), the entity responsible for HIPAA compliance and enforcement, has issued a series of guidance documents regarding the interplay of HIPAA and the COVID-19 pandemic. The most recent guidance...more
Over the past several months, the Office for Civil Rights (“OCR”), the entity responsible for compliance with and enforcement of the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations...more
The Centers for Medicare & Medicaid Services (CMS) recently issued a 29-page summary of the numerous blanket waivers issued to provide flexibilities to health care providers combating the COVID-19 pandemic....more
Over the past several weeks, the Office for Civil Rights (“OCR”), the entity responsible for compliance with and enforcement of the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations...more
Health care providers operate in one of the most highly regulated industries in terms of compliance and governmental oversight. As a result, providers face a number of regulatory and compliance challenges each year....more
10/25/2019
/ Anti-Kickback Statute ,
Cyber Attacks ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Fraud and Abuse ,
Health Care Providers ,
Healthcare Fraud ,
HIPAA Breach ,
PHI ,
Popular ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Standards ,
Rulemaking Process ,
Stark Law
What have you done for me lately? Now that the tune is stuck in your head, specifically, have you recently conducted a thorough and up to date risk assessment in accordance with the requirements of the Health Insurance...more
8/15/2019
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Electronic Medical Records ,
Failure to Comply ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Medical Records ,
OCR ,
PHI ,
Risk Assessment
The Office of Civil Rights (“OCR”) is the federal agency that oversees compliance with the Health Insurance Portability and Accountability Act of 1996, and its implementing regulations (“HIPAA”). In that regard, among other...more
5/10/2019
/ Cyber Attacks ,
Data Breach ,
Electronic Medical Records ,
Government Investigations ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI ,
Policies and Procedures ,
Risk Mitigation
On Match Day in March each year, medical students completing their formal education find out where they are going to continue their training in residency. Similarly, those students completing a residency program are...more
The U.S. Department of Health and Human Services Office of Civil Rights (“OCR”) was hard at work at the end of 2018—emphasizing the active efforts we have seen for the past few years from OCR. Below is a brief summary of some...more
3/7/2019
/ Comment Period ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Information Sharing ,
Mental Illness ,
OCR ,
Opioid ,
Personal Data ,
PHI ,
Privacy Policy ,
Value-Based Care
As 2018 winds down and 2019 kicks off, it is wise to review various aspects of your practice to ensure everything is up to date and continues to operate in compliance with applicable laws. One area of focus for such review is...more
In the age of electronic medical records and ransomware attacks, recent focus with regard to HIPAA compliance seems to be on electronic security. How are your electronic medical records stored? Do you require two-factor...more
7/11/2018
/ Cyber Attacks ,
Data Breach ,
Electronic Devices ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI ,
Risk Management
I am occasionally asked by providers whether or not they can waive a co-pay for a particular patient. There are many reasons providers wish to waive co-pays: financial hardship, professional courtesy, employee discounts, etc....more
In light of the recent incident in Las Vegas, the Office of Civil Rights (“OCR”), the government entity responsible for HIPAA Compliance, issued clarification guidance on the ability of a health care provider to share...more