Last week the Supreme Court heard oral argument in a False Claims Act (“FCA”) case in which the Court is considering the validity of the so-called implied false certification theory. This theory attaches FCA liability when a...more
On March 21st, the HHS Office for Civil Rights (“OCR”) officially launched Phase 2 of the HIPAA Audit Program. Covered Entities and Business Associates need to be prepared for these audits and be on the lookout for emails...more
As reported in yesterday’s Boston Globe, compared to national averages, Massachusetts physicians are less likely to receive payments or items of value from pharmaceutical companies and less likely to be heavy prescribers of...more
As we have repeatedly emphasized on this blog, HIPAA Covered Entities must ensure that they have compliant business associate agreements (“BAAs”) in place with all of their business associates and must ensure that they have...more
In a chain of events that should be a wake-up call to any entity using and storing critical health information (and indeed, ANY kind of critical information), Hollywood Presbyterian Medical Center (“HPMC”) has announced that...more
In a chain of events that should be a wake-up call to any entity using and storing critical health information, Hollywood Presbyterian Medical Center (“HPMC”) has announced that it paid hackers $17,000 to end a malware attack...more
Recent enforcement actions by the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) have highlighted that, not surprisingly, Covered Entities should not leave medical records in a...more
As the year winds down, we look back with a mixture of nostalgia and queasiness on the major Health Insurance Portability and Accountability Act (HIPAA) events that defined 2015. Incredibly large data breaches became...more
Those wishing to comment on revisions to the Federal Policy for Protection of Human Subjects (known as the “Common Rule”) could add a 30-day comment period extension to the things they were grateful for at this year’s...more
This Halloween, the scariest monsters might not be in your closet or under your bed. They may be overseas, orchestrating intrusions into your electronic medical record. Or they may be lurking in your own workforce, carrying...more
10/30/2015
/ App Developers ,
Audits ,
Business Associates ,
Corrective Actions ,
Covered Entities ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Encryption ,
Fitbit ,
Hackers ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Mobile Health Apps ,
OCR ,
OIG ,
Patient Privacy Rights ,
Personally Identifiable Information ,
PHI ,
Security Risk Assessments ,
Wearable Technology
Most health-care lawyers are accustomed to monitoring the high profile areas of regulatory enforcement in health care. However, many hospital lawyers, whether in-house or outside counsel, are unaware of the potential...more
10/23/2015
/ Centers for Medicare & Medicaid Services (CMS) ,
Certificates of Compliance ,
Civil Monetary Penalty ,
CLIA ,
Clinical Laboratory Testing ,
Department of Health and Human Services (HHS) ,
Diagnostic Tests ,
Food and Drug Administration (FDA) ,
Healthcare ,
Hospitals ,
Laboratories ,
Laboratory Developed Tests ,
Medicaid ,
Medicare ,
Sanctions
On September 25, 2015, the Centers for Medicare & Medicaid Services (CMS) announced publication of the proposed rule (the “Proposed Rule”) implementing substantial changes to the Medicare Clinical Laboratory Fee Schedule...more
9/29/2015
/ Centers for Medicare & Medicaid Services (CMS) ,
Clinical Laboratories ,
Comment Period ,
Cost-Sharing ,
Data Collection ,
Diagnostic Tests ,
Medicaid ,
Medicare ,
Medicare Part B ,
MPFS ,
PAMA ,
Proposed Regulation ,
Reimbursements ,
Reporting Requirements
After a summer that saw major data breaches at the Office of Personnel Management and UCLA Health System, this fall is a great time to take your organization back to school on HIPAA compliance and data security. Here are...more
8/27/2015
/ Business Associates ,
C-Suite Executives ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Employee Training ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
ONC ,
Security Risk Assessments
On July 7th, the House introduced much anticipated bipartisan telehealth legislation. The Medicare Telehealth Parity Act of 2015, introduced by Representative Mike Thompson (D-CA) and co-sponsored by Representatives Gregg...more
7/14/2015
/ Centers for Medicare & Medicaid Services (CMS) ,
Health Care Providers ,
Health Insurance ,
Healthcare ,
Healthcare Reform ,
Medicaid ,
Medicare ,
Patients ,
Pending Legislation ,
Physicians ,
Telehealth ,
Telemedicine
Late last week, Texas telemedicine practitioners received a temporary reprieve from a new regulation issued by the Texas Medical Board (the “Board”) when a Texas federal court prohibited implementation of the new rule that...more
The HHS Office of the National Coordinator for Health Information Technology (“ONC”) recently released a new and improved version 2.0 of their Guide to Privacy and Security of Electronic Health Information. This revamped...more
In early April, Colorado joined multiple other states in passing a biosimilar substitution law that addresses the circumstances under which an FDA-approved interchangeable biosimilar product may be substituted for the...more
A recently announced settlement between Anchorage Community Mental Health (“ACMHS”) and the U.S. Department of Health & Human Services Office for Civil Rights (“OCR”) emphasizes, once again, the importance of compliance with...more
On October 30, 2014, the Centers for Medicare and Medicaid Services (“CMS”) announced the procedure for applicable manufacturers and group purchasing organizations (“GPOs”) to report payment and ownership information that was...more
On October 24, 2014, the Office for Human Research Protections (OHRP) announced in the Federal Register that it has released, and is seeking comment on, its Draft Guidance on Disclosing Reasonably Foreseeable Risks in...more
As a service to our readers, we have distilled last week’s joint HHS Office of Civil Rights (OCR) and National Institute of Standards in Technology (NIST) conference, “Safeguarding Health Information: Building Assurance...more
As previously reported by the team from ML Strategies, one of the many telehealth developments to watch this year has been the Federation of State Medical Board’s (FSMB) Interstate Licensure Compact. On September 5, the...more
As my colleague Brian Dunphy previously reported, CMS temporarily closed the Open Payments system earlier this month. Open Payments is the online system through which pharmaceutical and device manufacturers covered by the...more
Drug and device manufacturers breathing a sigh of relief after completing their 2013 data submissions under the Physician Payment Sunshine Act (the “Sunshine Act’) must now contend with four proposed changes to the Sunshine...more
7/9/2014
/ Centers for Medicare & Medicaid Services (CMS) ,
Medicaid ,
Medical Devices ,
Medicare ,
Pharmaceutical Industry ,
Physician Medicare Reimbursements ,
Physician Payments ,
Physicians ,
Prescription Drugs ,
Proposed Regulation ,
Reporting Requirements
With the June 30 deadline for Phase 2 Sunshine Act reports by pharmaceutical and medical device manufacturers (“Applicable Manufacturers”) and group purchasing organizations (“GPOs’) quickly approaching, the Centers for...more