Health Law Advisor Thought Leaders On Laws And Regulations Affecting Health Care And Life Sciences

Category Archives: Health Information Technology

Subscribe to Health Information Technology RSS Feed

Disruptor Meets Regulator, and Regulator Wins: Lessons Learned from Theranos

On July 7, 2016, the Centers for Medicare and Medicaid Services (“CMS”) imposed several administrative penalties on Theranos, a clinical laboratory company that proposed to revolutionize the clinical laboratory business by performing multiple blood tests using a few drops of blood drawn from a finger rather than from a traditional blood draw that relies on needles and tubes. However, after inspecting the laboratory, CMS concluded that the company failed to comply with federal law and regulations governing clinical laboratories and it posed an immediate jeopardy to patient health and safety. CMS has revoked the CLIA certification of the company’s California … Continue Reading

FDA Issues Draft Guidance Encouraging More Widespread Use of Electronic Health Record Data in Clinical Trials

On May 17, 2016, FDA issued Draft Guidance for Industry on Use of Electronic Health Record Data in Clinical Investigations (“Draft Guidance”).  This Draft Guidance builds on prior FDA guidance on Computerized Systems Used in Clinical Investigations and Electronic Source Data in Clinical Investigations, and provides information on FDA’s expectations for the use of Electronic Health Record (“EHR”) data to clinical investigators, research institutions and sponsors of clinical research on drugs, biologics, medical devices and combination products conducted under an Investigational New Drug Application or Investigational Device Exemption.

While the recommendations set forth in the Draft Guidance do not … Continue Reading

FTC Focus on Privacy

At the International Association of Privacy Professionals (“IAPP”) Global Privacy Summit in Washington, D.C. on March 5th and March 6th, the Federal Trade Commission (“FTC”) was clear in its message that privacy was a top priority for the agency.  The FTC had a strong presence at the conference.  Three of the five Commissioners and the Director of the Bureau of Consumer Protection (Jessica Rich) all spoke at the conference and relayed a message of the importance of consumer privacy and security.  In that regard, the FTC speakers stressed the importance of:

  • informing consumers of the collection of
Continue Reading

Complimentary Webinar – The Age of Data Breaches: How to Avoid Being the Next Headline

Security Image

Tuesday, March 24, 2015 at 12:00 p.m. – 1:00 p.m. EDT

The past year has demonstrated that no organization is immune to security incidents that could affect its employees, customers, and reputation.  Understanding the complex legal framework governing data privacy and developing a plan to mitigate risk can be the difference between an incident and a disaster.

Join Epstein Becker Green’s Privacy & Security Practice for a comprehensive overview of data breach priorities impacting organizations that deal in electronic data.  Presenters will identify strategies to prepare for and prevent security incidents as well as summarize key takeaways from the biggest … Continue Reading

Key Issues Facing Places of Public Accommodation at the 25th Anniversary of the ADA

Epstein Becker Green’s recent issue of its Take 5 newsletter focuses on the 25th Anniversary of the ADA and recent developments and future trends under Title III of the ADA.

  1. Website Accessibility
  2. Accessible Point-of-Sale Devices and Other Touchscreen Technology
  3. Movie Theater Captioning & Audio (Narrative) Description
  4. The Availability of Sign Language Interpreters at Health Care Facilities
  5. “Drive By” Design/Construction Lawsuits

Read the full newsletter here.… Continue Reading

Beyond HIPAA: New Jersey Law Requires Encryption of Personal Data by Health Insurance Carriers

Our colleague Mollie K. O’Brien at Epstein Becker Green wrote an advisory on a new law that will increase the protection of personal information under HIPPA by mandating encryption on all computerized data collected by health insurance carriers: “Beyond HIPAA: New Jersey Law Requires Encryption of Personal Data by Health Insurance Carriers.” Following is an excerpt:

In response to data breaches that have occurred across the United States, several of which involved the theft of laptop computers, beginning August 1, 2015, health insurance carriers in New Jersey will be obligated to do more to protect patient information than … Continue Reading

President Obama to Announce New Privacy Initiatives in SOTU

By Evan J. Nagler

The State of the Union Address, scheduled for January 20, 2015, will contain new initiatives related to privacy, White House officials say. The known initiatives are the introduction of a data breach reporting bill, a bill restricting the sale of student information, and a Consumer Privacy Bill of Rights.

SETTING A NATIONAL DATA BREACH REPORTING STANDARD

President Obama is planning on introducing a data breach bill that would standardize the reporting period nationwide at 30 days. The proposed Personal Data Notification and Protection Act would require direct customer notification. The law would also criminalize selling Continue Reading

HIPAA Update: Insights from NIST and OCR

Our colleagues Adam Solander and Ali Lakhani provide an update on the HIPPA Conference last week in Washington, DC. 

On September 23 and 24, 2014, the National Institute of Standards and Technology (“NIST”) and the Department of Health and Human Services Office of Civil Rights (“HHS OCR”) hosted their annual HIPAA conference “Safeguarding Health Information: Building Assurance through HIPAA security.”

OCR officials and key industry leaders engaged in dialogue regarding developments and trends in data breach incidents with respect to health information as well as stakeholder responses and best practices to mitigate risk and respond to potential incidents.… Continue Reading

Expect Increased OCR HIPAA Security Rule Enforcement for Mobile Devices

By Adam Solander, Ali Lakhani and Wenxi Li

The increasing prevalence of mobile technology in the healthcare sector continues to create compliance concerns for physician practices and other health care entities.  While the Office of Civil Rights (OCR) of the Department of Health and Human Services, has traditionally focused on technology breaches within larger health systems, smaller physician practices and health care entities must also ensure that their policies and practices related to mobile technology do not foster non-compliance and create institutional risk.

Physicians Integrate Mobile Technology Into Daily Practice

The Physicians Practice’s 2014 Technology Survey found that … Continue Reading

Reviewing Trends in PHI Breaches & Enforcement

By Patricia WagnerAli Lakhani and Jonathan Hoerner

 

On May 20, 2014, the Secretary of the Department of Health and Human Services (HHS) submitted the agency’s Annual Report to Congress on Breaches of Unsecured Protected Health Information for Calendar Years 2011 and 2012 (“Breach Report”). This report provides valuable insight for healthcare entities regarding their data security and enforcement priorities.

Section 13402(i) of the Health Information Technology for Economic and Clinical Health Act (HITECH) requires the Secretary of Health and Human Services to prepare an annual report regarding the number and nature of breaches report to HHS, as … Continue Reading

Complimentary Webinar to Address Impact of Big Data, IT Integration on Population Health Management

Epstein Becker Green and EBG Advisors announce the eighth webinar in a series focusing on emerging trends in population health.  The next session—entitled “How Will ‘Big Data’ and ‘IT Integration’ Impact Population Health Management?”—will examine the rise of big data and other innovative computational methods.  The speakers will explain how these tools and applications are being leveraged to promote better clinical and financial outcomes for patients, providers, and payors.

To register for this must-attend event, scheduled for June 24, 2014, at 12:00 p.m. ET, click here.

During this webinar, panelists will discuss:

  • How big data is getting
Continue Reading

Protecting Health Information from Hackers – Comments by Robert Hudock

Robert Hudock, a Member of the Firm in the Health Care and Life Sciences practice at Epstein Becker Green, was quoted in an article titled “10 Steps for Thwarting EHR Hackers.

Following is an excerpt:

It’s bad enough that the number of security breaches of patient protected health information appears to be skyrocketing. But it feels downright creepy when the breach is at the hands of a hacker, as was the recent attack by Eastern European hackers that breached almost 800,000 Medicaid recipients in Utah.

And while a lot of hackers are attacking EHRs to steal the … Continue Reading

Epstein Becker Green Recognized as a HITRUST CSF Assessor to Provide Clients with Security and Privacy Risk Assessment for Protected Health Care Information

Epstein Becker Green has been designated by the Health Information Trust Alliance (HITRUST) as a Common Security Framework (CSF) Assessor. This will allow the firm to provide health care organizations with privacy and security risk assessments to protect the entities from breaches of protected health information (PHI). The health care industry has accepted the HITRUST CSF as the most widely adopted security framework. Epstein Becker Green is the first law firm to become a CSF Assessor and the designation exemplifies the firm’s distinct capability to identify and address risk for health care industry clients.

HITRUST provides resources, tools, education, and … Continue Reading

Is Telemedicine Missing from Health Reform?

Perhaps in recognition of its benefits to areas affected by shortfalls in specialists and primary care physicians or the need for remote monitoring, telemedicine received significant funding in the ARRA. For instance, the Rural Utilities Service was allocated $2.5 billion to fund “shovel-ready” distance learning, telemedicine, and broadband program; the Indian Health Services received $85 million to fund telemedicine; and a portion of the $2 billion allocated to the Office of the National Coordinator is to be used to support the “infrastructure and tools for the promotion of telemedicine.” However, in contrast to the ARRA, the current reform proposals publicly … Continue Reading