News & Analysis as of

Covered Entities

House Energy and Commerce Report Recommends Reform and Increased Oversight of the 340B Drug Pricing Program

by King & Spalding on

On January 10, 2018, the House Energy and Commerce (E&C) Committee released a report calling for major reforms to the 340B Drug Pricing Program (340B program). Administered by the Health Resources and Services Administration...more

Lessons Learned from Recent OCR HIPAA Audits

Covered entities, including employer sponsored health plans, should brace for audits and enforcement of the Privacy, Security, and Breach Notification rules by the Department of Health & Human Service Office of Civil Rights...more

HHS Office for Civil Rights Releases Research-Related HIPAA Guidance Required by 21st Century Cures Act

by Ropes & Gray LLP on

In December 2017, the U.S. Department of Health and Human Services Office for Civil Rights (“HHS OCR”) released two sets of guidance mandated by the 21st Century Cures Act, which was enacted in 2016 (the “Act”). The guidance...more

Court Rules Against 340B Hospitals, Allows Medicare Reimbursement Cuts to Go Forward

by Foley & Lardner LLP on

On Friday, December 29, 2017, the U.S. District Court for the District of Columbia dealt a blow to hospitals participating in the 340B Drug Pricing Program. By participating in the 340B program, eligible public and...more

New York DFS Cybersecurity Regulation Update: Lots Left To Do

by Locke Lord LLP on

Insurers and producers, banks, lenders and others licensed by the New York Department of Financial Services (DFS) have already had to comply with several of the requirements of the new DFS Cybersecurity Regulation, but for...more

Top 5 Common HIPAA Mistakes To Avoid In 2018

by Fox Rothschild LLP on

Heading into its 22nd year, HIPAA continues to be misunderstood and misapplied by many, including health care industry professionals who strive for (or at least claim the mantle of) HIPAA compliance. Here is my “top 5” list...more

HIPAA Enforcement Update

by Locke Lord LLP on

With respect to enforcement, the Department of Health and Human Services, Office for Civil Rights (OCR) announced two Settlement Agreements to resolve allegations of HIPAA violations between May and October of 2017. Neither...more

OCR Warns Health Care Industry of Risks with Previous Employees

In its November newsletter, the Office for Civil Rights (OCR) made a great point that we are seeing in the industry—the risks associated with previous employees. According to its newsletter, entitled “Insider Threats and...more

The 340B Drug Pricing Program: New CMS Final Rule Draws a Motion for Preliminary Injunction from Hospital Groups

On November 13, 2017, the Centers for Medicare & Medicaid Services (CMS) issued the final rule, “Medicare Program: Hospital Outpatient Prospective Payment and Ambulatory Surgical Center Payment Systems and Quality Reporting...more

Lessons To Be Learned From The Breach Of Nearly 500,000 Individual Health Records Reported In September 2017

by Jackson Lewis P.C. on

A recent report indicates that nearly 500,000 individual health records were breached in September 2017. This figure is taken from the 39 healthcare data breaches involving more than 500 records that were reported to the...more

An In-Depth Look at New York’s New Data Security Bill

First in a two-part series. As we reported last week, New York Attorney General Eric T. Schneiderman has introduced a bill aimed at protecting New Yorkers from data breaches. The Stop Hacks and Improve Data Security Act or...more

OCR Clarifies Privacy Rule for Sharing PHI on Opioid Overdoses

In the wake of the national opioid overdose crisis, the Office for Civil Rights (OCR) has provided clarification on when covered entities are permitted to disclose patient information during opioid emergencies....more

HIPAA Check: Do You Know What to Do if a Breach Happens to You?

by Williams Mullen on

Breaches happen. They happen to major health systems, and they happen to solo practitioners. They happen to health plans, and they happen to health information technology vendors. In our technology-reliant world, it would be...more

340B Update: CMS Finalizes 340B Program Reimbursement Cut on Part B Drugs

by K&L Gates LLP on

On November 1, 2017, the Centers for Medicare and Medicaid Services (“CMS”) issued a final rule updating the Medicare hospital Outpatient Prospective Payment System (“OPPS”) for the calendar year 2018. As part of this update,...more

Clinical trials Part II: Privacy, cybersecurity risks, and managing ePHI

by Thompson Coburn LLP on

The ongoing digitization of the drug and medical device industries continues, and, as a result, new considerations have come to the forefront for companies engaged in clinical trials. In Part 1 of this series, we described a...more

CMS Finalizes Medicare Part B Reimbursement Cut for 340B – What Does it Mean?

On November 1, 2017, CMS announced that it is in fact cutting Medicare Part B reimbursement for 340B drugs to the tune of $1.6 billion. To be accurate, what CMS announced is its intent to finalize proposed rule changes to the...more

Six Key Follow-Up Questions Asked by Congress in 340B Hearing

Earlier this month the House Energy and Commerce Committee’s subcommittee on Government Oversight and Investigations held its second hearing on the 340B Drug Discount Program. The hearing followed on the heels of a July 18th...more

Oregon Court Upholds Public University’s Refusal to Release Patient Tort Claimant Names

On October 19, 2017, the Oregon Supreme Court denied a public records request by The Oregonian Publishing Company, LLC (The Oregonian), a newspaper, to Oregon Health and Sciences University (OHSU), a public health and...more

Building a Health App? Part 6: HIPAA and Other Privacy and Security Considerations

Consumers are increasingly turning to health apps for a variety of medical and wellness-related purposes. This has in turn caused greater amounts of data—including highly sensitive information—to flow through these apps....more

NY DFS Cybersecurity Exemption Filings due October 30

by Locke Lord LLP on

October 30, 2017 is the extended deadline for most Covered Entities claiming an exemption to file the Notice of Exemption required by the NY DFS Cybersecurity Regulation (23 NYCRR 500.19(e)). The filing deadline is 30 days...more

Is it HIPAA or HIPPA? Either way, it still applies.

by Winstead PC on

I have negotiated hundreds of SaaS agreements for dozens of software companies and I always hated when the company on the other side was a healthcare provider. Invariably, they would bring up Protected Health Information...more

ACA’s Nondiscrimination Taglines and Notices Require Updating Your Notice of Privacy Practices

by Davis Wright Tremaine LLP on

There has been confusion as to whether the Affordable Care Act’s nondiscrimination provision (“ACA”) affects a covered entity’s notice of privacy practices (“NPP”) or data breach notifications. OCR has issued guidance...more

Don’t Forget HIPAA’s “Minimum Necessary” Rule When Making Health Information Disclosures

by Nossaman LLP on

When Covered Entities or Business Associates or their counsel analyze whether a particular disclosure of Protected Health Information (or “PHI,” as defined in HIPAA) is permissible, they should be sure also to analyze whether...more

[Webinar] - Your Money or Your PHI: HHS "Guidance" on Ransomware - October 10th, 1:00pm CT

In recent years, HIPAA enforcement actions and penalties have increased both in volume and amount. Ransomware is the fastest growing malware threat to businesses that use electronic data. This webinar will provide listeners...more

Cyber Winter is Here, and Coming to Regulation: New York Cybersecurity Rule Ice Dragon Heading for the Wall

The State of New York’s response to two large cybersecurity breaches may fuel the transformation of the state regulation of corporate cybersecurity in the U.S. Unlike typical state data breach statutes which focus on...more

759 Results
|
View per page
Page: of 31
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.