Some funding applications submitted to NIH beginning Jan. 25 will face new requirements and undergo a revised peer review process. To prepare investigators and institutions, NIH launched a dedicated website with details about...more
5/24/2024
/ Audits ,
Compliance ,
Department of Health and Human Services (HHS) ,
Draft Guidance ,
Food and Drug Administration (FDA) ,
Fund Applications ,
Grants ,
HHS Office of Research Integrity (ORI) ,
Informed Consent ,
Labeling ,
Logos ,
National Institute of Health (NIH) ,
National Science Foundation ,
Noncompliance ,
Prescription Drugs ,
Professional Misconduct ,
Required Documentation ,
Scientific Research ,
Terms and Conditions
United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more
5/13/2024
/ Business Associates ,
Covered Entities ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Hackers ,
Health Care Providers ,
Healthcare ,
Legislative Agendas ,
OCR ,
Patients ,
Personal Information ,
Popular ,
Privacy Laws ,
Regulatory Oversight ,
Regulatory Requirements
Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more
5/13/2024
/ Breach Notification Rule ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Facilities ,
Incident Response Plans ,
Medical Records ,
Patients ,
Popular ,
Privacy Laws ,
Ransomware
Some funding applications submitted to NIH beginning Jan. 25 will face new requirements and undergo a revised peer review process. To prepare investigators and institutions, NIH launched a dedicated website with details about...more
5/2/2024
/ Centers for Medicare & Medicaid Services (CMS) ,
Clinical Trials ,
Department of Health and Human Services (HHS) ,
Food and Drug Administration (FDA) ,
Healthcare ,
Life Sciences ,
National Institute of Health (NIH) ,
National Science Foundation ,
OIG ,
Professional Misconduct ,
Research and Development ,
Scientific Research ,
The Common Rule
In December 2022, Julie Kaneshiro—then deputy director of the HHS Office for Human Research Protections (OHRP)—disclosed that the agency had 32 positions but that only 20 were filled, leaving 12 vacant or “on hold,” due to...more
In September 2015, while working in an office on the grounds of Mercy Hospital in Miami, Ivette Maria Portela Martinez learned about an upcoming clinical trial for treatment of symptoms of Clostridium difficile infections and...more
3/27/2024
/ Clinical Trials ,
Criminal Conspiracy ,
Criminal Convictions ,
Criminal Prosecution ,
Department of Justice (DOJ) ,
False Statements ,
Food and Drug Administration (FDA) ,
Health Care Providers ,
Healthcare ,
Investigations ,
Life Sciences ,
Medical Research ,
Pharmaceutical Industry ,
Popular ,
Research and Development ,
Scientific Research ,
Wire Fraud
Arguing that the National Science Foundation (NSF) was “intricately involved” when it made a $1.125 million fixed amount subaward, Oklahoma University (OU) objected to a recent finding by auditors for the NSF Office of...more
3/27/2024
/ Audits ,
Comment Period ,
Compliance ,
Draft Guidance ,
Food and Drug Administration (FDA) ,
Legislative Agendas ,
Life Sciences ,
National Science Foundation ,
Office for Human Research Protections (OHRP) ,
Proposed Legislation ,
Research and Development ,
SACHRP ,
Scientific Research
Although the HHS Office for Civil Rights (OCR) described its recent $4.75 million agreement with a Bronx, New York, hospital as settling a “malicious insider cybersecurity investigation,” the agency considered a total of 11...more
3/12/2024
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Employees ,
Enforcement Actions ,
Health Care Providers ,
Healthcare ,
HIPAA Security Rule ,
HIPAA Violations ,
Hospitals ,
Internal Investigations ,
Popular ,
Risk Assessment ,
Settlement
The HHS Office of Research Integrity (ORI) gets an “A” for effort on its new proposed regulation revising research misconduct rules, but maybe a “D” overall. Most of the nearly 200 comments on the proposed rule posted online...more
The Association of American Universities (AAU) and the Council on Governmental Relations (COGR) are among a handful of groups “urging the Biden administration to rescind a policy proposal that would threaten the American...more
2/26/2024
/ Auditors ,
Audits ,
Bayh-Dole Act ,
Biden Administration ,
Compliance ,
Corrective Action Plans (CAPs) ,
Department of Health and Human Services (HHS) ,
Environmental Protection Agency (EPA) ,
Innovation Patent ,
Inventions ,
Inventors ,
Medical Records ,
National Security Agency (NSA) ,
NIST ,
OCR ,
OIG ,
Patents ,
Personal Data ,
Rescission ,
Research and Development ,
Settlement ,
Technology Sector ,
Universities
The HHS Office for Civil Rights (OCR) and other government agencies aren’t just worried that providers understand—and mitigate—the privacy and security risks of telehealth.
In fact, in 2022, the Government Accountability...more
2/9/2024
/ Centers for Medicare & Medicaid Services (CMS) ,
Compliance ,
Cyber Threats ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
GAO ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
OCR ,
PHI ,
Privacy Laws ,
Risk Assessment ,
Risk Management ,
Risk Mitigation ,
Telehealth
Moffitt Cancer Center’s recent $19.5 million settlement with the U.S. Department of Justice (DOJ) and the state of Florida resolving allegations that billing errors violated the False Claims Act (FCA) triggered a “fully...more
The Food and Drug Administration (FDA) is seeking strategies from Jeffrey W. Taub, M.D., to prevent future violations of human subject regulations the agency said were documented during site visits in September and October...more
1/30/2024
/ AAMC ,
Cancer ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Food and Drug Administration (FDA) ,
GAO ,
Healthcare ,
Legislative Agendas ,
Life Sciences ,
Medical Research ,
National Institute of Health (NIH) ,
National Science Foundation ,
OSTP ,
Proposed Legislation ,
Proposed Regulation ,
Regulatory Requirements ,
Scientific Research ,
Technology
If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more
1/17/2024
/ Amended Rules ,
Corrective Action Plans (CAPs) ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Employee Training ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
HIPAA Security Rule ,
HIPAA Violations ,
OCR ,
PHI ,
Policies and Procedures ,
Proposed Regulation ,
Regulatory Reform ,
Right-To-Access ,
Security Risk Assessments ,
Settlement
The Department of Commerce and the National Institute of Standards and Technology are requesting comments on a “draft guidance framework designed to help federal agencies evaluate when it may be appropriate to exercise...more
12/22/2023
/ Bayh-Dole Act ,
Comment Period ,
Compliance ,
Department of Health and Human Services (HHS) ,
Falsified Documents ,
Fraud ,
Healthcare ,
HHS Office of Research Integrity (ORI) ,
Inventions ,
Life Sciences ,
March-in-Rights ,
Medical Research ,
National Science Foundation ,
NIST ,
OIG ,
Patents ,
Scientific Research ,
Technology ,
U.S. Commerce Department ,
Universities ,
USPTO
At Cornell University, institutional review board (IRB) members meet with the chief information security officer and a liaison to the general counsel’s office. Their regular attendance has been “really critical,” said IRB...more
12/22/2023
/ Algorithms ,
Artificial Intelligence ,
Bots ,
Chief Information Security Officer (CISO) ,
Compliance ,
Data Protection ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Institutional Review Board (IRB) ,
Medical Research ,
Privacy Laws ,
Regulatory Oversight ,
Regulatory Requirements ,
Research and Development ,
Risk Management ,
Scientific Research ,
Universities
Report on Patient Privacy 23, no. 12 (December, 2023)
Spring 2020 was a terrifying period in the annals of COVID-19, and New York was at the epicenter. COVID-19 cases, and deaths, already the highest in the nation, were...more
12/8/2023
/ Coronavirus/COVID-19 ,
Corrective Action Plans (CAPs) ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
HIPAA Privacy Rule ,
HIPAA Violations ,
Hospitals ,
Media ,
OCR ,
Patients ,
Personal Information ,
Photographs ,
Prior Authorization ,
Privacy Laws ,
Public Health Emergency ,
Settlement ,
Video
Report on Research Compliance 20, no. 12 (December 2023)
In a move that is unprecedented in recent memory, a federal agency has denied a request to extend the comment period on a substantive proposed rule, turning down a...more
11/27/2023
/ Comment Period ,
Compliance ,
Department of Health and Human Services (HHS) ,
Disclosure ,
Extensions ,
Food and Drug Administration (FDA) ,
HHS Office of Research Integrity (ORI) ,
Investigations ,
Life Sciences ,
Medical Research ,
National Institute of Health (NIH) ,
NPRM ,
Proposed Regulation ,
Regulatory Requirements ,
Rulemaking Process ,
Scientific Research ,
Universities
Report on Research Compliance 20, no. 12 (December 2023)
Although the National Science Foundation (NSF) allowed more than half the costs questioned by auditors for its Office of Inspector General (OIG), the California...more
11/27/2023
/ Audits ,
Compliance ,
Corporate Misconduct ,
Digital Health ,
Fraud ,
Healthcare ,
HHS Office of Research Integrity (ORI) ,
Life Sciences ,
National Science Foundation ,
OIG ,
Research and Development ,
Scientific Research ,
Technology Sector
Report on Patient Privacy 23, no. 11 (November, 2023)
Tim DiBona clearly remembers Christmas Eve 2018 when the staff of his small firm—Doctors’ Management Service (DMS)—arrived at their West Bridgewater, Mass., office to...more
11/10/2023
/ Compliance ,
Corrective Action Plans (CAPs) ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Protection ,
Data Recovery ,
Electronic Protected Health Information (ePHI) ,
Fines ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Popular ,
Ransomware ,
Risk Management
Report on Research Compliance 20, no. 11 (November, 2023)
It wasn't just China.
China is among the countries whose support for Stanford University investigators wasn’t reported to five federal research funding agencies,...more
10/26/2023
/ China ,
Compliance ,
Department of Justice (DOJ) ,
Disclosure ,
Educational Institutions ,
Failure To Disclose ,
False Claims Act (FCA) ,
Foreign Entities ,
Government Investigations ,
Investigations ,
Medical Research ,
National Science Foundation ,
OIG ,
Penalties ,
Popular ,
Research Funding ,
Settlement ,
Universities
Report on Research Compliance 20, no. 11 (November, 2023)
City University of New York (CUNY ) has accused neuroscientist Hoau-Yan Wang, a CUNY faculty member and longtime collaborator with embattled biotech firm Cassava...more
10/26/2023
/ Animal Testing ,
Clinical Trials ,
Compliance ,
Conflicts of Interest ,
False Statements ,
FCOI ,
Fraud ,
Investigations ,
Medical Research ,
National Institute of Health (NIH) ,
Office for Human Research Protections (OHRP) ,
Professional Misconduct ,
Regulatory Requirements ,
Research and Development ,
Research Funding ,
SACHRP ,
Scientific Research ,
Universities
Report on Patient Privacy 23, no. 10 (October, 2023)
By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more
10/6/2023
/ Compliance ,
Covered Entities ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Disclosure Requirements ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
Privacy Laws ,
Risk Assessment ,
Risk Management
Report on Research Compliance Volume 20, no. 10 (October, 2023)
Please don’t send uncorrected transcripts of interviews conducted via Zoom or other means to the National Science Foundation (NSF) Office of Inspector General...more
9/26/2023
/ Best Practices ,
Compliance ,
Documentation ,
Ethics ,
HHS Office of Research Integrity (ORI) ,
Internal Investigations ,
Investigations ,
National Science Foundation ,
OIG ,
Reporting Requirements ,
Research and Development ,
Universities ,
Zoom®
Report on Research Compliance Volume 20, no. 10 (October, 2023)
The HHS Secretary’s Advisory Committee on Human Research Protections (SACHRP) will have two new members when it meets this month. In an email sent to its...more
9/26/2023
/ Build America Investment Initiative ,
Compliance ,
Department of Health and Human Services (HHS) ,
Ethics ,
Falsified Documents ,
Federal Funding ,
Guidance Update ,
HHS Office of Research Integrity (ORI) ,
Infrastructure Investment and Jobs Act (IIJA) ,
Investigations ,
Office for Human Research Protections (OHRP) ,
OMB ,
Research and Development ,
Research Funding ,
SACHRP ,
Willful Misconduct