This issue of McDermott’s Healthcare Regulatory Check-Up highlights regulatory activity for February 2024. We discuss various regulatory developments, including guidance on the use of AI in coverage decisions and texting...more
HIPAA applies to both covered entities (e.g., healthcare providers and health plans) and their business associates. A “business associate” is generally a person or entity that “creates, receives, maintains or transmits”...more
On September 15, 2021, in response to the “proliferation of apps and connected devices that capture sensitive health data” the Federal Trade Commission (FTC) issued a Policy Statement (the Statement) offering guidance on the...more
Certain California-licensed healthcare facilities are now subject to additional breach reporting obligations pursuant to regulations (Regulations)[1] issued by the California Department of Public Health (Department) on July...more
Can an employer be held liable for an employee’s HIPAA violation even if the employee engaged in an unauthorized act that was motivated by the employee’s own personal interest? In the recent decision of SoderVick v. Parkview...more
Allergy Associates of Hartford, P.C., entered into a Resolution Agreement and agreed to pay $125,000 to the U.S. Department of Health and Human Services, Office for Civil Rights (HHS) in order to settle certain Health...more
In the latest twist in a case that began last year, an administrative law judge (ALJ) agreed that a $4.3 million penalty, levied by the Office of Civil Rights (OCR) against the MD Anderson Cancer Center as a result of HIPAA...more
Conducting HIPAA Breach Risk Assessments - The HIPAA rules relating to assessment of potential patient confidentiality breaches were changed in 2013. Specifically, on January 17, 2013, the Office of Civil Rights released...more
Safeguarding patient information is at the core of responsibilities for health care entities under the Health Insurance Portability and Accountability Act (HIPAA). But safeguarding patient information isn’t just a regulatory...more
With the onslaught of Affordable Care Act changes, health plan sponsors have much to think about lately. Given the number of other issues affecting them, plan sponsors may feel that HIPAA privacy and security is an issue they...more
In two recent reports, each with a specific focus, the OIG strongly recommended that the Office for Civil Rights (OCR) step up its HIPAA oversight and enforcement activities. One report assessed the OCR’s oversight of covered...more
The Office of Inspector General (OIG) of the U.S. Department of Health and Human Services (HHS) issued two reports yesterday calling for the HHS Office of Civil Rights (OCR) to strengthen its Health Insurance Portability and...more
Earlier this month, a California jury found the University of California, Los Angeles Health System (UCLA) not liable for damages that allegedly resulted when a medical office assistant, Alexis Price, improperly accessed and...more
Last week, Cancer Care Group, P.C. (CCG), an Indiana radiation oncology practice, agreed to settle alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) by paying $750,000 and adopting...more
Alleged HIPAA Violations Resulted from Medical Center’s Failure to Risk Assess Internet-Based Document Sharing Application and Inadequate Breach Response. The US Department of Health and Human Services (HHS) Office for...more
The injuries suffered by a professional football player brought the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations ("HIPAA") onto center stage of the media during the days...more
Many telehealth and mHealth app developers are concerned about whether or not their app is a medical device under FDA regulations (and rightfully so), they often pay less attention to the Health Insurance Portability and...more
As of early December 2014, 1,170 security breaches under the Health Insurance Portability and Accountability Act (HIPAA) involving 31 million records had been reported to the U.S. Department of Health and Human Services (HHS)...more
Recently, the Indiana Court of Appeals let stand a $1.4 million jury verdict against a national pharmacy chain for its employee pharmacist’s unauthorized disclosure of a customer’s confidential medical records. Given the...more
Under California Health & Safety Code (HSC) sections 1280.15(a) and (b), California licensed clinics, hospitals, home health agencies and hospices are required to prevent “unlawful or unauthorized access to, and use or...more
Each year brings significant changes and challenges in the laws governing the health care industry, and 2014 proved to be no exception. What the year may have lacked in the high drama that accompanies comprehensive health...more
Like many federal statutes, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) contains a provision governing how the statute is designed to interact with similar or otherwise related state laws. When...more
You may already have read the scintillating facts surrounding a jury award of $1.44 million (recently challenged unsuccessfully on appeal) against Walgreen Co. (Walgreens) following its pharmacist’s alleged inappropriate...more
When is “sharing” too much of a good thing? And will it get worse for health care systems in 2015? Data sharing has become a point of sharp focus in the efforts to improve the quality and efficiency of health...more
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued its first settlement under new OCR Director Jocelyn Samuels earlier this month. This latest settlement serves as a reminder that a...more