On June 20, 2024, a U.S. federal district court held, in a suit brought by Jones Day, that the Department of Health and Human Services ("HHS") had misapplied the Health Insurance Portability and Accountability Act ("HIPAA")...more
8/2/2024
/ Confidential Information ,
Covered Entities ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Medical Records ,
New Guidance ,
PHI
Welcome to Vital Signs, a curated compilation of the latest legal and regulatory developments in digital health. Our lead article reports on recent developments in the U.S. Food and Drug Administration's ("FDA") regulatory...more
7/22/2024
/ Algorithms ,
Artificial Intelligence ,
Cybersecurity ,
Data Protection ,
Department of Justice (DOJ) ,
Digital Health ,
Food and Drug Administration (FDA) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Innovative Technology ,
Life Sciences ,
Machine Learning ,
Medical Devices ,
Personal Data ,
Pharmacies ,
Popular ,
Telemedicine
The Federal Trade Commission ("FTC") intends to "strengthen and modernize" the Health Breach Notification Rule with revamped and increased scrutiny on entities holding health information, including health apps, websites, and...more
The U.S. Food and Drug Administration ("FDA") has proposed updated guidance, intended to assist individuals in meeting the cybersecurity requirements for FDA medical device submissions....more
New, first-of-their-kind consumer health data privacy laws in Washington and Nevada are designed to provide state-level protections for personal health data not covered by the Health Insurance Portability and Accountability...more
Welcome to Vital Signs, a curated compilation of the latest legal and regulatory developments in digital health. Our lead article reports on HHS' recent final rule on the confidentiality of substance use disorder patient...more
3/20/2024
/ Consent ,
Data Privacy ,
Data Security ,
DEA ,
Department of Health and Human Services (HHS) ,
Digital Health ,
Draft Guidance ,
Food and Drug Administration (FDA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Life Sciences ,
Medical Devices ,
OCR ,
Personal Information ,
Popular ,
Risk Management ,
Telehealth
DOJ, FTC, and HHS jointly announced the launching of a cross-government public inquiry into increasing private equity and corporate involvement in health care, the latest announcement in a string of public statements from the...more
The Department of Health and Human Services ("HHS") has released voluntary cybersecurity performance goals for the health care and public health sectors, which outline an increasingly standardized regulatory approach and...more
2/19/2024
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Healthcare ,
Popular ,
Proposed Regulation ,
Public Health
The Department of Health and Human Services ("HHS") has released a concept paper outlining its new cybersecurity strategies for the health care sector, identifying cybersecurity priorities, potential future regulations and...more
1/12/2024
/ Centers for Medicare & Medicaid Services (CMS) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Popular ,
Proposed Rules ,
Public Health ,
Regulatory Requirements ,
Risk Mitigation
The U.S. Department of Health and Human Services ("HHS") Office of Civil Rights ("OCR") has entered into its first settlement of potential Health Insurance Portability and Accountability Act ("HIPAA") violations arising out...more
12/6/2023
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Violations ,
Hospitals ,
Life Sciences ,
OCR ,
Ransomware
New York is the first state to propose cybersecurity requirements for all hospitals operating in the state to address patient safety and other cybersecurity related issues....more
12/1/2023
/ Chief Information Security Officer (CISO) ,
Cyber Threats ,
Cybersecurity ,
Data Protection ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Facilities ,
Hospitals ,
New York ,
NYDFS ,
Patient Privacy Rights ,
Popular ,
Proposed Regulation ,
Regulatory Agenda ,
Regulatory Reform
In Short -
The Situation: On November 6, 2023, the Office of Inspector General ("OIG") of the U.S. Department of Health and Human Services ("HHS") released its "General Compliance Program Guidance" ("GCPG"). The GCPG...more
12/1/2023
/ Anti-Kickback Statute ,
Compliance Management Systems ,
Department of Health and Human Services (HHS) ,
Draft Guidance ,
Federal Register ,
Health Care Providers ,
Healthcare ,
Healthcare Fraud ,
Life Sciences ,
OIG ,
Physicians ,
Stark Law
We bring you Vital Signs, a curated, one-stop resource on the most notable digital health law updates from our U.S. and global contributors. In Industry Insights, our lawyers describe the increasingly common regulation of...more
11/27/2023
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Privacy ,
Data Security ,
DEA ,
Digital Health ,
Food and Drug Administration (FDA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Life Sciences ,
Machine Learning ,
Popular ,
Public Health ,
Telehealth
We bring you Vital Signs, a curated, one-stop resource on the most notable digital health law updates from our U.S. and global contributors. In Industry Insights, we take an in-depth look at generative artificial intelligence...more
9/15/2023
/ Artificial Intelligence ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Digital Health ,
End-Users ,
EULA ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Machine Learning ,
OIG ,
Popular ,
Software ,
Telehealth
The Consumer Financial Protection Bureau (“CFPB”), Department of Health and Human Services (“HHS”), and United States Treasury have issued an interagency Request for Information (“RFI”) focused on the offering and provision...more
This new legislation supports the Health Resources and Services Administration ("HRSA") modernization initiative announced in March, including several actions to strengthen accountability and transparency in the Organ...more
The Federal Trade Commission seeks to clarify how the Health Breach Notification Rule applies to health records collected by health apps and similar consumer health technologies. ...more
Note From the Editors -
This edition of Vital Signs is filled with digital health developments from around the world. In Industry Insights, you'll see and hear from Alexis Gilroy and Claire Castles, each in a short video...more
5/15/2023
/ Clinical Trials ,
Data Collection ,
DEA ,
Department of Health and Human Services (HHS) ,
Digital Health ,
Food and Drug Administration (FDA) ,
Health Care Providers ,
OIG ,
Popular ,
Substance Abuse ,
Telehealth
The sweeping law imposes new requirements on the processing and sale of consumer health data in the state.
On April 27, 2023, Washington State Governor Inslee signed the "My Health My Data Act" ("Act"). This Act marks the...more
The Federal Trade Commission ("FTC") has brought its first enforcement action for violations of the Health Breach Notification Rule ("HBNR"), signaling heightened federal agency scrutiny of digital health platforms,...more
The National Institute of Standards and Technology ("NIST") has released its AI Risk Management Framework ("AI RMF") as a resource to reportedly assist individuals, organizations, and society identify risks associated with...more
The Artificial Intelligence Bill of Rights sets forth voluntary guidelines that companies utilizing or developing technology with artificial intelligence can follow to protect users....more
On August 31, 2022, the California Attorney General delivered letters to 30 hospitals and health systems across California requesting information regarding commercial decision-making technology tools and their potential...more
Lawyer Spotlight:
Artificial intelligence innovations continue to fuel advances across diverse life science applications, including drug discovery and digital health. This month, we highlight two lawyers who help clients...more
On March 15, 2022, President Biden signed into law the Consolidated Appropriations Act, 2022 (the "Act"), extending certain Medicare telehealth reimbursement flexibilities for 151 days following the end of the declared...more