News & Analysis as of

Covered Entities

Six Questions and Answers About CMS’ Recommended Changes to 340B Medicare Reimbursement

In March, I posted about the Uncertain Future of the 340B Drug Discount Program.  When opining about What Could Happen Next I speculated about possible changes to government reimbursement for 340B drugs “so that government...more

NYDFS Updates FAQs to Clarify Cybersecurity Regulations

by Ballard Spahr LLP on

The New York Department of Financial Services (NYDFS) recently updated frequently asked questions (FAQs) about its cybersecurity regulations, 23 NYCRR 500, to address four new issues. NYDFS published its initial set of FAQs...more

The CFPB Issues Its Final Arbitration Rule

by MoFo Reenforcement on

Ending months of speculation and insider reading of tea leaves, on July 10, 2017, the Consumer Financial Protection Bureau (CFPB or Bureau) published a final rule regarding the use of arbitration agreements in specified...more

Five Takeaways from the OCR Reminder on HIPAA Obligations In Ransomware Incidents

by Poyner Spruill LLP on

Apparently prompted by the recent high-profile wave of ransomware attacks, the Department of Health and Human Services’ Office of Civil Rights (OCR) has reminded hospitals, healthcare systems, and other covered entities and...more

How Can Healthcare Organizations Prepare for the Next Cyberattack?

by Latham & Watkins LLP on

HHS OCR issues checklist, iterative guidance in wake of WannaCry and Petya attacks; Anthem breach settlement provides additional lessons. Key Points: ..Healthcare organizations are particularly vulnerable to ransomware...more

Concierge Medicine – Is it for you?

by Farrell Fritz, P.C. on

According to the 2016 Kaiser/HERT Employer Health Benefits Survey, the average annual premium for employer-sponsored family health insurance coverage in 2016 was $18,142 – representing a 20% increase since 2011 and a 58%...more

New York DFS Updates FAQs to Clarify Applicability of Cybersecurity Regulation

by BakerHostetler on

With the first compliance deadline now less than two months away, the New York Department of Financial Services (NYDFS) has provided additional clarity concerning its new Cybersecurity Requirements for Financial Services...more

Illinois “Geolocation Privacy Protection Act” Passes Both Houses, Headed to Governor’s Desk

by WilmerHale on

On Tuesday, June 27, the Illinois legislature passed HB 3449, the “Geolocation Privacy Protection Act.” If signed by Governor Bruce Rauner (R), the bill would prohibit a “private entity” from collecting, using, storing or...more

House Committee Issues Letter to HRSA Requesting Audit Documentation Regarding 340B Drug Pricing Program

by King & Spalding on

The House Committee on Energy and Commerce (Committee) sent a letter dated June 1, 2017, to the Health Resources and Services Administration (HRSA) Administrator expressing concerns about the growth and oversight of the 340B...more

House Bill Would Narrow Orphan Drug Exception

by Arnall Golden Gregory LLP on

A recent House bill, titled the "Closing Loopholes for Orphan Drugs Act," would narrow the exception for orphan drugs in the federal 340B Drug Pricing program. Representative Peter Welch (D-VT) introduced the bill on June 13,...more

HHS Publishes Health Care Cyber Attack Checklist

by Tucker Arensberg, P.C. on

HHS has published a very brief guide, in the form of a checklist, to explain the steps for a HIPAA covered entity or business associate to take in response to a cyber related security incident. You can access the checklist at...more

Healthcare Providers Beware: HIPAA Isn’t Your Only Concern Following a Data Breach–State Law Matters

by McGuireWoods LLP on

Healthcare service provider CoPilot Support Services (“CoPilot”) recently agreed to pay a $130,000 settlement after it waited over a year to notify patients of a data breach, in violation of New York’s breach notification...more

Healthcare Data Breach Enforcements and Fines

by Bryan Cave on

The Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) is responsible for enforcing the Privacy and Security Rules of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”)....more

HIPAA Settlements in April and May Highlight Key Compliance Concerns for OCR

by Williams Mullen on

After a break in March with no new settlement agreements, OCR returned in April and May with quite a few. The Health Care Data Aware Blog already posted about a $400,000 OCR settlement released April 12, 2017, which can be...more

My Entity Just Experienced a Cyber-Attack! What Do We Do Now?

by Balch & Bingham LLP on

On June 9, 2017, the U.S. Department of Health and Human Services (HHS), Office of Civil Rights (OCR) released a cyber-attack “Quick Response” checklist (the Checklist) for the benefit of HIPAA covered entities and business...more

OCR Releases Checklist On What To Do Following A Cyber Attack

by Murtha Cullina on

Since the WannaCry ransomware virus spread rapidly across the globe, businesses, both large and small, are again focusing on cyber-security. In a previous bulletin, we detailed five things that a business can do to help...more

New HHS Cybersecurity Preparedness Checklist

by Carlton Fields on

The Department of Health and Human Services’ Office of Civil Rights (OCR) recently published a checklist to guide HIPAA-covered entities and business associates through an appropriate response to a ransomware or cybersecurity...more

OCR Publishes Checklist and Infographic for Cyber Attack Response

OCR released a simple checklist and infographic last week to assist Covered Entities and Business Associates with responding to potential cyber attacks. As cybersecurity remains a pressing concern for health care entities,...more

Causes of Healthcare Data Breaches (Update)

by Bryan Cave on

Pursuant to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), covered entities (e.g. healthcare providers and health plans) must notify the Department of Health and Human Services (“HHS”) of breaches...more

Funds Talk: June 2017 - Incident Response Plans Form an Essential Part of Cybersecurity Frameworks

Cybersecurity has increasingly moved into the spotlight in recent years, with regulators and financial firms alike clambering to keep pace with rapidly changing demands as threats continue to evolve....more

Complying With HIPAA Following a Ransomware Attack

by Morris James LLP on

In 2016, the U.S. Department of Health and Human Services (“HHS”) issued guidance to help covered entities and business associates understand, among other things, how to respond appropriately to ransomware attacks under the...more

Impermissible Disclosure of HIV Information Results in $387,000 HIPAA Settlement

by Saul Ewing LLP on

St. Luke’s-Roosevelt Hospital Center, Inc. (SLRHC), a member of the New York-based Mount Sinai Health System, paid $387,000 to the U.S. Department of Health and Human Services (HHS) and entered into a corrective action plan...more

New York Cybersecurity Rules: What Firms Need to Know

by Alston & Bird on

New York Governor Andrew Cuomo recently announced final “first-in-the-nation” cybersecurity regulations that took effect on March 1, 2017. New York’s Department of Financial Services (NYDFS) will administer these rules. NYDFS...more

Officer and director checklist: Complying with the global reach of the New York Department of Financial Services Cybersecurity...

by White & Case LLP on

The New York State Department of Financial Services (NYDFS) issued Cybersecurity Requirements for Financial Services Companies (the "Cybersecurity Regulation") effective March 1, 2017. The regulation imposes tight compliance...more

HIPAA spring check-up: Your obligations to safeguard third-party patient health information in medical records produced in...

You’ve had your apple a day, but you can’t keep the subpoenas away… And, if your organization is facing a request seeking records or other materials that may contain patient health information (“PHI”), it bears...more

716 Results
|
View per page
Page: of 29
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.