To ensure Medicare beneficiaries have access to necessary care without risking exposure to COVID-19, the Centers for Medicare & Medicaid Services (CMS) has further expanded telehealth services and relaxed certain requirements related to the same with the issuance of additional waivers (available here) and an interim final rule (IFR) available here.… Continue Reading
Healthcare providers are under siege, not only from the COVID-19 pandemic, but also from cyber criminals. Following reports of targeted email phishing attempts, the FBI issued a FLASH alert warning healthcare providers on April 21, 2020, that they are at heightened risk for cyber attacks that use COVID-19 as bait. The FBI’s FLASH alert follows … Continue Reading
Unsurprisingly, COVID-19 has created a great degree of liberalization in the telehealth requirements previously in place. What has not changed is the fact that telehealth services are governed by a number of different laws and regulations, all of which are constantly changing – now more than ever. In addition to the multiple changes at the federal … Continue Reading
Computer hacking, and the permutation of crimes that can be committed by hackers, generally does not spur images of infliction of physical harm. However, in a chilling turn of events, computer hackers have opened a new front in the damage that can be inflicted through cybercrime. In a nefarious series of developments, cyber-liabilities now arise … Continue Reading
In May of 2018, the European Union enacted the General Data Protection Rules, or GDPR, a legal framework that outlines not only how companies may collect and process personal information of EU residents, but how that data is stored and used. Since its enactment, GDPR has triggered a global push towards compliance with those standards. … Continue Reading
Congress has long attempted to grapple with issues of cyber-security, both within the healthcare field, and generally in the United States. The Health Insurance Portability and Accountability Act (HIPAA), as well as the Health Information Technology for Economic and Clinical Health Act (HITECH) have provided significant compliance requirements for healthcare entities in the area of … Continue Reading
It is safe to say that there has been much fear and confusion over the European Union (EU) General Data Protection Rule, or GDPR. With an effective date of May 25, 2018, and little guidance as to how the GDPR applies to organizations that do not have a physical presence in the EU or do … Continue Reading
Last week, a federal court in Illinois encountered another example of unexpected events causing problematic privacy and data storage implications for a healthcare company. The non-profit organization responsible for maintaining the MetroChicago Health Information Exchange (the HIE) filed suit against its information technology support contractor and the contractor’s owner to prevent the contractor’s plan to … Continue Reading
Just in time for the Phase 2 audits, the Department of Health and Human Services Office for Civil Rights (OCR) quietly posted the updated HIPAA Audit Protocol on its website. The new audit protocol has been updated to include business associates who became subject to HIPAA following the 2013 HIPAA Omnibus Final Rule. The protocol … Continue Reading
On December 17, 2014, the Centers for Medicare and Medicaid Services (“CMS”) announced that there would be reductions in Medicare reimbursement for health care providers who do not meet the CMS electronic health record (“EHR”) incentive program’s meaningful use requirements. This announcement comes in the wake of CMS’ decision in October to extend the hardship … Continue Reading
Social media can be an effective and easy way to connect with friends and professional contacts. However, it can also serve as a tool for institutions and principal investigators involved in enrolling subjects in clinical research to connect with prospective patients and subjects for clinical trial recruitment. The research shows that, to-date, there has not … Continue Reading
Effective April 9, 2014, Microsoft will no longer provide technical support or security updates for the Windows XP operating system. According to Microsoft, personal computers running Windows XP after April 8, 2014 should not be considered to be protected. This announcement means that covered entities and business associates under the Health Insurance Portability and Accountability … Continue Reading
On September 24, 2013, the Food and Drug Administration (FDA) finalized a new rule requiring medical devices to bear special ID numbers. The numbers, called Unique Device Identifiers or UDIs, will identify the manufacturer, the specific model of a device, and other information such as batch or lot codes, serial numbers, and expiration dates. The … Continue Reading
According to a new report from healthcare market research firm Kalorama Information, the market for Electronic Medical Records (EMRs) was $20.7 billion in 2012, up 15 percent from $17.9 billion in 2011. The EMR market includes revenues from EMR and Computerized Physician Order Entry (CPOE) systems as well as directly-related services such as installation, training, … Continue Reading
