News & Analysis as of

Covered Entities

The 340B Drug Pricing Program: New CMS Final Rule Draws a Motion for Preliminary Injunction from Hospital Groups

On November 13, 2017, the Centers for Medicare & Medicaid Services (CMS) issued the final rule, “Medicare Program: Hospital Outpatient Prospective Payment and Ambulatory Surgical Center Payment Systems and Quality Reporting...more

Lessons To Be Learned From The Breach Of Nearly 500,000 Individual Health Records Reported In September 2017

by Jackson Lewis P.C. on

A recent report indicates that nearly 500,000 individual health records were breached in September 2017. This figure is taken from the 39 healthcare data breaches involving more than 500 records that were reported to the...more

An In-Depth Look at New York’s New Data Security Bill

First in a two-part series. As we reported last week, New York Attorney General Eric T. Schneiderman has introduced a bill aimed at protecting New Yorkers from data breaches. The Stop Hacks and Improve Data Security Act or...more

OCR Clarifies Privacy Rule for Sharing PHI on Opioid Overdoses

In the wake of the national opioid overdose crisis, the Office for Civil Rights (OCR) has provided clarification on when covered entities are permitted to disclose patient information during opioid emergencies....more

HIPAA Check: Do You Know What to Do if a Breach Happens to You?

by Williams Mullen on

Breaches happen. They happen to major health systems, and they happen to solo practitioners. They happen to health plans, and they happen to health information technology vendors. In our technology-reliant world, it would be...more

340B Update: CMS Finalizes 340B Program Reimbursement Cut on Part B Drugs

by K&L Gates LLP on

On November 1, 2017, the Centers for Medicare and Medicaid Services (“CMS”) issued a final rule updating the Medicare hospital Outpatient Prospective Payment System (“OPPS”) for the calendar year 2018. As part of this update,...more

Clinical trials Part II: Privacy, cybersecurity risks, and managing ePHI

by Thompson Coburn LLP on

The ongoing digitization of the drug and medical device industries continues, and, as a result, new considerations have come to the forefront for companies engaged in clinical trials. In Part 1 of this series, we described a...more

CMS Finalizes Medicare Part B Reimbursement Cut for 340B – What Does it Mean?

On November 1, 2017, CMS announced that it is in fact cutting Medicare Part B reimbursement for 340B drugs to the tune of $1.6 billion. To be accurate, what CMS announced is its intent to finalize proposed rule changes to the...more

Six Key Follow-Up Questions Asked by Congress in 340B Hearing

Earlier this month the House Energy and Commerce Committee’s subcommittee on Government Oversight and Investigations held its second hearing on the 340B Drug Discount Program. The hearing followed on the heels of a July 18th...more

Oregon Court Upholds Public University’s Refusal to Release Patient Tort Claimant Names

On October 19, 2017, the Oregon Supreme Court denied a public records request by The Oregonian Publishing Company, LLC (The Oregonian), a newspaper, to Oregon Health and Sciences University (OHSU), a public health and...more

Building a Health App? Part 6: HIPAA and Other Privacy and Security Considerations

Consumers are increasingly turning to health apps for a variety of medical and wellness-related purposes. This has in turn caused greater amounts of data—including highly sensitive information—to flow through these apps....more

NY DFS Cybersecurity Exemption Filings due October 30

by Locke Lord LLP on

October 30, 2017 is the extended deadline for most Covered Entities claiming an exemption to file the Notice of Exemption required by the NY DFS Cybersecurity Regulation (23 NYCRR 500.19(e)). The filing deadline is 30 days...more

Is it HIPAA or HIPPA? Either way, it still applies.

by Winstead PC on

I have negotiated hundreds of SaaS agreements for dozens of software companies and I always hated when the company on the other side was a healthcare provider. Invariably, they would bring up Protected Health Information...more

ACA’s Nondiscrimination Taglines and Notices Require Updating Your Notice of Privacy Practices

by Davis Wright Tremaine LLP on

There has been confusion as to whether the Affordable Care Act’s nondiscrimination provision (“ACA”) affects a covered entity’s notice of privacy practices (“NPP”) or data breach notifications. OCR has issued guidance...more

Don’t Forget HIPAA’s “Minimum Necessary” Rule When Making Health Information Disclosures

by Nossaman LLP on

When Covered Entities or Business Associates or their counsel analyze whether a particular disclosure of Protected Health Information (or “PHI,” as defined in HIPAA) is permissible, they should be sure also to analyze whether...more

[Webinar] - Your Money or Your PHI: HHS "Guidance" on Ransomware - October 10th, 1:00pm CT

In recent years, HIPAA enforcement actions and penalties have increased both in volume and amount. Ransomware is the fastest growing malware threat to businesses that use electronic data. This webinar will provide listeners...more

Cyber Winter is Here, and Coming to Regulation: New York Cybersecurity Rule Ice Dragon Heading for the Wall

The State of New York’s response to two large cybersecurity breaches may fuel the transformation of the state regulation of corporate cybersecurity in the U.S. Unlike typical state data breach statutes which focus on...more

Cyber Winter is Here, and Coming to Regulation: The New York Rules and the Future of Cybersecurity Regulation

The State of New York’s response to two large cybersecurity breaches may fuel the transformation of the state regulation of corporate cybersecurity in the U.S. Unlike typical state data breach statutes which focus on...more

New York DFS Cybersecurity Regulation Update: Lots Left To Do

by Locke Lord LLP on

Insurance companies and producers, banks, lenders and others licensed by the New York Department of Financial Services (DFS) have already had to comply with several of the requirements of the new DFS Cybersecurity Regulation,...more

Are You In Compliance With The Notice Requirements of the Nondiscrimination Rules?

by Womble Bond Dickinson on

Section 1557 of the Affordable Care Act prohibits discrimination on the basis of race, color, national origin, sex, age, or disability in certain health programs or activities. Covered Entities that receive Federal financial...more

Newly Adopted Fed Rules Will Limit Buy-Side Remedies in a Financial Institution Failure

by Ropes & Gray LLP on

The Board of Governors of the Federal Reserve System (the “Board”) has adopted final rules1 that represent a significant shift in the terms of over-the-counter derivatives, repurchase and reverse repurchase transactions and...more

Enhanced HHS HIPAA Breach Reporting Tool May Aid Health Care Industry Data Security Efforts

by Jackson Lewis P.C. on

Secretary Tom Price of the U.S. Department of Health and Human Services (HHS) announced his agency needs “to focus more on the most recent breaches and clarify when entities have taken action to resolve the issues that might...more

HHS Issues Limited Waiver of HIPAA Sanctions Post-Hurricane Harvey

The U.S. Department of Health and Human Services (HHS) has used its authority to waive certain provisions of HIPAA in response to Hurricane Harvey. HHS previously declared a public health emergency in Texas and Louisiana...more

Hurricane Harvey, HIPAA, and Access to Health Information

Hurricane Harvey has been pummeling the Gulf Coast since Monday, with nearly 52 inches of rainfall in parts of Texas. The storm has displaced thousands of people from their homes and has resulted in over 30 reported deaths....more

New York DFS Cyber Rules Go Live: Here’s Your Roadmap

by Orrick - Trust Anchor on

August 28, 2017 marks the end of the initial 180-day grace period for compliance under the New York Department of Financial Services’ “first-in-the-nation” cybersecurity regulations (the “Rules”). The initial regulations...more

751 Results
|
View per page
Page: of 31
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.