Category: Data Privacy and Security

HIPAA on the Horizon in the New Year: Important Lessons from an Active 2023 and Regulatory Initiatives to Watch for in 2024

2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain a challenge for HIPAA-covered entities as well as for their business associates. 2023 brought a large number of important HIPAA-related developments and lessons-learned...

Privacy of Substance Use Disorder Records and The CARES Act: Steps Toward Harmonizing Part 2 Privacy Laws with HIPAA

The recently-enacted Coronavirus Aid, Relief, and Economic Security Act (the “CARES Act”) is generally known for providing relief funds and other resources to help individuals, small businesses, state and local governments, and hospitals and healthcare providers address the COVID-19 public health emergency.  However, among the lesser-known of the CARES Act provisions are changes to federal...

A Massive Number of New Health Law Regulatory Proposals as Part of the “Regulatory Sprint to Coordinated Care”: Proposed Changes to the Stark Law, Anti-Kickback Statute, Beneficiary Inducement CMP, Privacy Laws Governing Substance Use Disorder Records, and the Stark Law Advisory Opinion Process

Today, the Centers for Medicare & Medicaid Services (CMS) and the Department of Health and Human Services (HHS) Office of Inspector General (OIG) each released their long-anticipated proposed rules to revise the federal self-referral law (or “Stark Law”) regulations, the safe harbors under the federal anti-kickback statute (AKS), and the civil monetary penalty law (CMP)...

CMS “Actively Working” on Stark Law Reforms to be Issued Later this Year; “Regulatory Sprint to Coordinated Care” Continues

The Centers for Medicare & Medicaid Services (CMS) is “actively working” on updates to regulations under the federal physician self-referral law (or “Stark Law”), according to CMS Administrator Seema Verma during a March 4, 2019 speech. Verma stated that the updated regulations will be issued later this year, and “will represent the most significant changes...

HIMMS, Chronic Care Management, and the Top 5 Overlooked Items

Harnessing existing digital health solutions to improve chronic care management was a prominent topic at HIMMS this year (amongst many others, including AI and cybersecurity, both of which we will cover in upcoming blog posts). While this is not a new topic, it was particularly “buzzy” this year due to the ever-increasing number of large...

Cybersecurity Task Force Issues Report on Improving Cybersecurity in the Health Care Industry

The Cybersecurity Act of 2015 established the Health Care Industry Cybersecurity Task Force to respond to severe cyber-attacks within the rapidly-expanding information technology (“IT”) aspect of health care. Section 405(c) of the Act required the Task Force to research and develop a report summarizing the vulnerabilities in health care IT. On June 2nd, 2017, the...