Category

Health Privacy

15 February 2016

ALJ Upholds Civil Monetary Penalty Imposed by the Office for Civil Rights

On February 3, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that an HHS administrative law judge (ALJ) ordered Lincare, Inc., a home health provider of respiratory care, infusion therapy and medical equipment, to pay $239,800 in civil monetary penalties (CMPs) for violating the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. The violations were disclosing patient information to an unauthorized person, failing to take reasonable safeguards to protect patient information from unauthorized disclosure and failing to implement adequate policies and procedures to protect patient information removed from its offices. This marks only the second time that OCR has imposed CMPs for HIPAA violations.

(more…)

EmailShare
11 January 2016

Top Ten Data Protection and Privacy Issues to Watch in 2016

*This post originally appeared in Law360 on January 7, 2016.

While 2015 was a big year in data, 2016 may prove to be even bigger.  Many hot button and game changing topics are being debated in legislative bodies and campaign trails, regulators are focused, and privacy-related litigation continues to rise. Below, we count down the top ten cybersecurity, data protection and privacy issues to watch in 2016.

(more…)

EmailShare
07 January 2016

Patient Access and Medicare Protection Act

On December 28, 2015, President Obama signed into law S. 2425, the Patient Access and Medicare Protection Act (the “Act”).  In addition to provisions intended to ensure that Medicare reimbursement policies promote continued access to certain durable medical equipment, like wheelchair accessories, the Act includes provisions that affect adoption of Health Information Technology (“HIT”) and those that provide greater protection against medical identity theft.  Specifically, the Act recognizes various categories of hardship exceptions from meaningful use requirements for the 2015 reporting period and strengthens the penalties associated with medical identity theft.

(more…)

EmailShare
21 December 2015

Cybersecurity Act of 2015 Signed Into Law

On December 18, President Obama signed into law an omnibus spending package for 2016 that included the Cybersecurity Act of 2015 (known in former versions as the Cybersecurity Information Sharing Act). After years of debate, the Cybersecurity Act establishes a framework to facilitate and encourage confidential two-way private sector sharing of cyberthreat information with the federal government and provides liability shields for cyberthreat information sharing, as well as for specific actions undertaken to defend or monitor corporate networks. The Cybersecurity Act also designates the Department of Homeland Security (DHS) to coordinate cyberthreat information sharing.

The Cybersecurity Act has important implications for cooperation among industry participants and with regulatory agencies in development of effective cybersecurity programs. Public-private cyberthreat information sharing is an important step to improve companies’ defenses and responses to the changing cyberthreat landscape. Though the Act is effective immediately, the attorney general and DHS secretary must release guidelines within 90 days.

(more…)

EmailShare
25 November 2015

Employee of Pharmaceutical Manufacturer Criminally Charged with Wrongful Disclosure of Patient Information for Marketing Purpose

On October 16, the United States Attorney’s Office for the District of Massachusetts filed a criminal information against a former Warner Chilcott district manager alleging that he had obtained and used patient protected health information (PHI) in violation of the criminal provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The information alleges that this criminal violation occurred in connection with a scheme to promote Warner Chilcott’s osteoporosis drug Atelvia. The charge against former employee Landon Eckles is significant because it appears to be the first time a criminal prosecution under HIPAA has been brought against an employee of a pharmaceutical manufacturer for an alleged HIPAA privacy violation. Eckles pleaded guilty to the charges on November 12.

(more…)

EmailShare
09 November 2015

Senate Passes Cybersecurity Legislation, Differences to be Worked Out with House Bills

On October 27, 2015, the Senate passed S. 754, the Cybersecurity Information Sharing Act (“CISA”), with bi-partisan support. Although some raised privacy concerns, CISA received backing from the Administration and support from many industry participants. The Senate bill must be reconciled with similar bills in the House (H.R. 1560 and H.R. 1731) before a conference version is produced. This process may be contentious as privacy advocates seek to strengthen protections for personal information, and Senator Richard Burr, Chairman of the Senate Intelligence Committee and co-sponsor of CISA, indicated that the conferencing process is unlikely to produce a resolution before January 2016.

(more…)

EmailShare
14 October 2015

OCR Launches HIPAA Portal for Mobile Health Developers

On Monday, October 5, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released an online platform for mobile health developers and others interested in the intersection of information technology and health information privacy and security. Interested parties can submit questions and comments on issues related to compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

(more…)

EmailShare
14 September 2015

PLI Issues Cybersecurity Treatise

The Practising Legal Institute has published “Cybersecurity: A Practical Guide to the Law of Cyber Risk,”  a treatise edited by Ed McNicholas and Vivek Mohan of Sidley Austin LLP.   This “Sidley on Cybersecurity” treatise sets out in a clear and readable manner the complex legal framework for cybersecurity in the United States.  We hope that it will be a practical legal guide for in-house attorneys, IT leaders, senior executives, and corporate directors concerned about cybersecurity risk.

(more…)

EmailShare
15 July 2015

Precision Medicine Initiative: Proposed Privacy & Trust Principles

The White House is soliciting public comments on its Proposed Privacy and Trust Principles (the Proposed Principles) for the Precision Medicine Initiative (PMI). PMI is a federal initiative to support research, technology and policies that enable the development of individualized treatments, and is backed by a $215 million investment under President Obama’s 2016 Budget.

(more…)

EmailShare
XSLT Plugin by BMI Calculator