On February 8, 2024, the Centers for Medicare and Medicaid Services (CMS) released a memorandum from the Quality, Safety & Oversight Group (QSOG) updating its 2018 guidance on texting patient information among healthcare...more
Key Points -
President Biden’s eagerly-awaited executive order (EO) on artificial intelligence (AI) tasks the Department of Health & Human Services (HHS) with promoting responsible AI innovation, development and use,...more
11/13/2023
/ Abbreviated New Drug Application (ANDA) ,
Artificial Intelligence ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Executive Orders ,
Food and Drug Administration (FDA) ,
FTC Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HITECH Act ,
Joe Biden ,
Life Sciences ,
Machine Learning ,
ONC ,
Popular
On April 27, 2023, Washington Governor Jay Inslee signed the My Health My Data Act (the “Act”) into law, establishing new limits on the collection, use and sharing of “consumer health data” and creating numerous compliance...more
On February 1, 2023, the Federal Trade Commission (FTC) announced that it had taken enforcement action against prescription drug discount company GoodRx, which agreed to injunctive relief and to pay a $1.5 million civil...more
To account for legal developments since our last FAQ concerning employer COVID-19 vaccination policies, we provide updated answers to questions and address additional questions about discrimination, wage and hour, collective...more
8/9/2021
/ Americans with Disabilities Act (ADA) ,
Civil Rights Act ,
Coronavirus/COVID-19 ,
Employee Incentive Plans ,
Employer Liability Issues ,
Employment Policies ,
Equal Employment Opportunity Commission (EEOC) ,
GINA ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Infectious Diseases ,
NLRB ,
Pregnancy Discrimination Act (PDA) ,
Public Readiness and Emergency Preparedness Act (PREP Act) ,
Reasonable Accommodation ,
Title VII ,
Vaccinations ,
Workplace Safety
On March 9, 2021, the U.S. Department of Health and Human Services Office for Civil Rights announced that the public comment period for the HIPAA proposed privacy rule would be extended until May 6, 2021. The rulemaking was...more
On January 21, 2020, the far-reaching HIPAA Privacy Proposed Rule, initially released on December 10, 2020, was published in the Federal Register. Despite speculation that the publication timeline would be altered when the...more
3/3/2021
/ Business Associates ,
Covered Entities ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
PHI ,
Proposed Rules
Today, the far-reaching HIPAA Privacy Proposed Rule, initially released on December 10, 2020, was posted for public inspection on the Federal Register website. The rule is scheduled to be published in the Federal Register on...more
As COVID-19 continues to spread, health care providers, health plans and employers are facing difficult privacy questions as they attempt to balance privacy concerns against the need to protect patients, employees and...more
3/27/2020
/ Coronavirus/COVID-19 ,
Data Privacy ,
Employee Privacy Rights ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Infectious Diseases ,
Patient Privacy Rights ,
PHI ,
Privacy Laws ,
Privacy Policy ,
Public Health
Medical device and diagnostics companies and laboratories should anticipate significant legal, regulatory and market changes in 2020 that will have a lasting impact on the industry. From revisions to how the government...more
1/8/2020
/ Acquisitions ,
Artificial Intelligence ,
Biotechnology ,
Centers for Medicare & Medicaid Services (CMS) ,
CFIUS ,
Department of Health and Human Services (HHS) ,
Digital Health ,
EU ,
Export Controls ,
Food and Drug Administration (FDA) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Innovation ,
Life Sciences ,
Machine Learning ,
Medical Devices ,
Mergers ,
Office of Foreign Assets Control (OFAC) ,
Patent-Eligible Subject Matter ,
Pharmaceutical Industry ,
Popular ,
Section 101 ,
USPTO
There are less than two weeks left to submit comments regarding potential updates to the privacy, security and breach notification regulations adopted under the Health Insurance Portability and Accountability Act of 1996 and...more
1/31/2019
/ Comment Period ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Data-Sharing ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Notification Requirements ,
OCR ,
PHI ,
Public Comment ,
Request For Information
• The California Legislature passed SB 1121 to revise certain sections of the CCPA – the nation’s strictest privacy protection statute which provides Californians with a right to learn what personal information certain...more
9/10/2018
/ California Consumer Privacy Act (CCPA) ,
Civil Monetary Penalty ,
CMIA ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Enforcement ,
Exemptions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medical Records ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Private Right of Action ,
Time Extensions
• NAIC recently adopted an Insurance Data Security Model Law that follows the risk assessment-based approach of the New York DFS Cybersecurity Regulation. This signals the growing influence of the New York Regulation,...more
11/1/2017
/ Cyber Insurance ,
Cybersecurity ,
Data Security ,
Department of Financial Services ,
Health Insurance Portability and Accountability Act (HIPAA) ,
National Association of Insurance Commissioners ,
Non-Public Information ,
Notification Requirements ,
Personally Identifiable Information ,
Reinsurance ,
Risk Assessment ,
The Model Law ,
Third-Party Service Provider
A new study released on May 7, 2015, by the Ponemon Institute revealed that criminal cyberattacks on health care organizations were the most prevalent cause of data breaches in 2014. The report underscores the need to think...more