Computer hacking, and the permutation of crimes that can be committed by hackers, generally does not spur images of infliction of physical harm. However, in a chilling turn of events, computer hackers have opened a new front in the damage that can be inflicted through cybercrime. In a nefarious series of developments, cyber-liabilities now arise from remote manipulation of the … Continue Reading
In May of 2018, the European Union enacted the General Data Protection Rules, or GDPR, a legal framework that outlines not only how companies may collect and process personal information of EU residents, but how that data is stored and used. Since its enactment, GDPR has triggered a global push towards compliance with those standards. In the United States, there … Continue Reading
Congress has long attempted to grapple with issues of cyber-security, both within the healthcare field, and generally in the United States. The Health Insurance Portability and Accountability Act (HIPAA), as well as the Health Information Technology for Economic and Clinical Health Act (HITECH) have provided significant compliance requirements for healthcare entities in the area of data security. For the last … Continue Reading
It is safe to say that there has been much fear and confusion over the European Union (EU) General Data Protection Rule, or GDPR. With an effective date of May 25, 2018, and little guidance as to how the GDPR applies to organizations that do not have a physical presence in the EU or do not target their goods and … Continue Reading
Last week, a federal court in Illinois encountered another example of unexpected events causing problematic privacy and data storage implications for a healthcare company. The non-profit organization responsible for maintaining the MetroChicago Health Information Exchange (the HIE) filed suit against its information technology support contractor and the contractor’s owner to prevent the contractor’s plan to destroy all client data after … Continue Reading
Just in time for the Phase 2 audits, the Department of Health and Human Services Office for Civil Rights (OCR) quietly posted the updated HIPAA Audit Protocol on its website. The new audit protocol has been updated to include business associates who became subject to HIPAA following the 2013 HIPAA Omnibus Final Rule. The protocol covers Privacy Rule, Security Rule … Continue Reading
On December 17, 2014, the Centers for Medicare and Medicaid Services (“CMS”) announced that there would be reductions in Medicare reimbursement for health care providers who do not meet the CMS electronic health record (“EHR”) incentive program’s meaningful use requirements. This announcement comes in the wake of CMS’ decision in October to extend the hardship exception deadline – an exception … Continue Reading
Social media can be an effective and easy way to connect with friends and professional contacts. However, it can also serve as a tool for institutions and principal investigators involved in enrolling subjects in clinical research to connect with prospective patients and subjects for clinical trial recruitment.
The research shows that, to-date, there has not been a significant amount of … Continue Reading
Effective April 9, 2014, Microsoft will no longer provide technical support or security updates for the Windows XP operating system. According to Microsoft, personal computers running Windows XP after April 8, 2014 should not be considered to be protected.
This announcement means that covered entities and business associates under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) … Continue Reading
On September 24, 2013, the Food and Drug Administration (FDA) finalized a new rule requiring medical devices to bear special ID numbers. The numbers, called Unique Device Identifiers or UDIs, will identify the manufacturer, the specific model of a device, and other information such as batch or lot codes, serial numbers, and expiration dates. The UDIs are intended to improve … Continue Reading
According to a new report from healthcare market research firm Kalorama Information, the market for Electronic Medical Records (EMRs) was $20.7 billion in 2012, up 15 percent from $17.9 billion in 2011. The EMR market includes revenues from EMR and Computerized Physician Order Entry (CPOE) systems as well as directly-related services such as installation, training, servicing and consulting. A significant … Continue Reading