State Attorneys General play a significant role in shaping health care policy across the country. While the national debates over health care policy in Congress and the federal government receive significant media attention,...more
The FTC has updated its HBNR to clarify that the rule also restricts marketing practices involving personal health information. This update to the HBNR was announced on April 26, 2024, and follows several recent enforcement...more
4/29/2024
/ Breach Notification Rule ,
Data Breach ,
Data Privacy ,
Data Protection ,
Digital Health ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
PHI ,
Regulatory Agenda ,
Regulatory Reform ,
Technology
I was pleased to take part in the “Transforming Care – Strategies for Integration of Artificial Intelligence in Healthcare” discussion, hosted by the New England Healthcare Executive Network at Foley Hoag on April 1. The...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) have released version 3.4 of their Security Risk Assessment...more
The Notifications of Enforcement Discretion issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act during the...more
5/15/2023
/ Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HITECH Act ,
New Guidance ,
OCR ,
PHI ,
Public Health Emergency ,
Telehealth ,
Telemedicine
Like many regulatory standards, enforcement of HIPAA was relaxed as part of the COVID-19 pandemic response. With the end of the public health emergency declaration on May 11, 2023, the broad relaxed HIPAA enforcement also...more
On November 14, 2022, the Massachusetts Department of Public Health (DPH) issued Public Health Emergency Order No. 2022-21, which immediately rescinded other public health emergency orders that were previously issued in...more
On February 4, 2022, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) posted FAQs designed to make clear that civil rights protections remain in full force and effect during disasters or...more
The Acting Massachusetts DPH Commissioner issued an order on August 26, 2021 authorizing the issuance of temporary licenses for certain providers and renewing the expedited process for issuing those temporary licenses....more
December 23, 2020 On December 22, 2020, in response to the escalating concerns about the potential of a post-Christmas COVID-19 surge like that experienced after Thanksgiving, Massachusetts Governor Charlie Baker issued...more
Halloween or HIPAA: Which is Scarier?
HIPAA and the Pandemic -
Telehealth:
- On Friday, March 20, 2020, OCR announced it will “exercise its enforcement discretion and will not impose penalties for noncompliance with...more
10/29/2020
/ Breach Notification Rule ,
California Consumer Privacy Act (CCPA) ,
Centers for Medicare & Medicaid Services (CMS) ,
Coronavirus/COVID-19 ,
Disclosure ,
First Responders ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Hospitals ,
New Guidance ,
Notification Requirements ,
OCR ,
Patient Access ,
Patients ,
PHI ,
SAMHSA ,
Telehealth ,
Virus Testing
In an effort to make it easier for laboratories to be reimbursed by insurers for COVID-19 testing, the Massachusetts Division of Insurance has issued a bulletin stating that it expects “carriers to relax” restrictions on...more
The Massachusetts Board of Registration in Medicine (BORIM) recently issued two orders that update prior guidance regarding licensure of physicians from outside Massachusetts and telemedicine...more
The Coronavirus Aid, Relief, and Economic Security Act (“CARES Act”) is a comprehensive economic relief plan designed to stabilize and uplift the American economy during the COVID-19 pandemic. It is unique not only because...more
4/3/2020
/ 1135 Waivers ,
Airlines ,
Amended Legislation ,
CARES Act ,
Direct Payments to Families and Individuals ,
Eviction ,
Families First Coronavirus Response Act (FFCRA) ,
Federal Grants ,
Federal Loans ,
Financial Assistance Policies ,
Foreclosure ,
Health Care Providers ,
Medical Supplies ,
Moratorium ,
Paycheck Protection Program (PPP) ,
Small Business Loans ,
Student Loans ,
Tax Credits ,
Tax Deferral ,
Telehealth
The coronavirus and Covid-19 are impacting everything and everyone, and certainly health information privacy. Here is a useful summary of health information issues to be mindful of from HHS OCR on HIPAA privacy and the...more
For the first time in over a decade, the U.S. Department of Education (DoE) and the Office for Civil Rights at the U.S. Department of Health and Human Services (OCR) have released updated joint guidance addressing the...more
12/23/2019
/ Colleges ,
Consent ,
Department of Education ,
Department of Health and Human Services (HHS) ,
Educational Institutions ,
FERPA ,
Health Care Providers ,
HIPAA Privacy Rule ,
New Guidance ,
OCR ,
PHI ,
Student Privacy ,
Student Records ,
Students ,
Universities ,
Written Consent
Physicians Talking With Their Domestic Partners About Patients -
? Health care institutions often require that physicians and medical students click through annual online modules or attend lectures about HIPAA.
- But...more
11/4/2019
/ California Consumer Privacy Act (CCPA) ,
Centers for Medicare & Medicaid Services (CMS) ,
Cybersecurity ,
Data Collection ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
New Rules ,
Patient Privacy Rights ,
PHI ,
SAMHSA
A recent report from the Mass Digital Health Council includes a cybersecurity toolkit created by MDHC’s Cybersecurity Group of Experts (CGE). The toolkit will enable faster clinical adoption of new digital health products,...more
Yesterday, in the first settlement of its kind, the Office for Civil Rights at the U.S. Department of Health and Human Services (“OCR”) announced that Bayfront Health St. Petersburg (“Bayfront”) has paid $85,000 to OCR and...more
In a Notification of Enforcement Discretion Regarding HIPAA Civil Money Penalties issued on April 23, 2019, the Department of Health and Human Services (HHS) exercised “its discretion in how it applies HHS regulations...more
"Open the pod door, HAL"
• Commercial voice-activated intelligent personal assistants from Amazon, Apple, Google, and Microsoft, among others, are growing in popularity.
• A report from NPR and Edison Research states...more
2/28/2019
/ Confidential Communications ,
Connected Items ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hospitals ,
Mobile Apps ,
Oral Communications ,
Patient Privacy Rights ,
Personal Assistants ,
Physicians ,
Privacy Concerns ,
Security Rule ,
Smart Devices ,
Technology Sector ,
Telecommunications
Following President Trump’s declaration of a nationwide public health emergency regarding the opioid crisis, the HHS Office for Civil Rights has released new guidance on when and how health care providers can share a...more
Does your business collect and share consumer health information? Check out these tips from the FTC for complying with HIPAA and the FTC Act....more
On December 5, 2014, the Centers for Medicare & Medicaid Services (CMS) issued a final rule titled “Requirements for Medicare Incentive Reward Program and Provider Enrollment” (“the Rule”). The Rule implemented several...more