Health Information Technology

In this episode of the Diagnosing Health Care Podcast:   The U.S. Food and Drug Administration (FDA) recently issued a final guidance document clarifying how the agency intends to regulate clinical decision support (CDS) software.

How has this document caused confusion for industry? How can companies respond?

Continue Reading Podcast: Unpacking FDA’s Final Clinical Decision Support Guidance – Diagnosing Health Care

On February 1, 2023, the FTC announced a proposed $1.5 million settlement with GoodRx Holdings, based on alleged violations of the Federal Trade Commission Act (“FTC Act”) and Health Breach Notification Rule (“HBNR”) for using advertising technologies on its websites and mobile app that resulted in the unauthorized disclosure of consumers’ personal and health information to advertisers and other third parties. On the same day, the U.S. Department of Justice, acting on behalf of the FTC, filed a Complaint and Proposed Stipulated Order detailing the FTC’s allegations and the terms of the proposed settlement. 

Continue Reading FTC Brings Enforcement Action Under FTC Act and Health Breach Notification Rule Based on GoodRx’s Use of Advertising Tracking Technology on Its Websites and Mobile Application

On December 1, 2022, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) published a bulletin warning that commonly used website technologies, including cookies, pixels, and session replay, may result in the impermissible disclosure of Protected Health Information (“PHI”) to third parties in violation of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The bulletin advises that “[r]egulated entities are not permitted to use tracking technologies in a manner that would result in impermissible disclosures of Protected Health Information (“PHI”) to tracking technology vendors or any other violations of the HIPAA Rules.” The bulletin is issued amidst a wider national and international privacy landscape that is increasingly focused on regulating the collection and use of personal information through web-based technologies and software that may not be readily apparent to the user.

Continue Reading HHS Warns HIPAA Covered Entities and Business Associates That Use of Website Cookies, Pixels, and Other Tracking Technology May Violate HIPAA Rules

From the Diagnosing Health Care PodcastHow have complaints of information blocking been submitted to the Office of the National Coordinator (ONC), and by whom? What does government enforcement action really look like?

In this episode of our special series on interoperability, hear from ONC attorneys Cassie Weaver and Rachel Nelson.

Continue Reading Podcast: Interoperability: Information Blocking Claims and Enforcement – Diagnosing Health Care

On July 8, two weeks following the Supreme Court’s ruling in Dobbs v. Jackson that invalidated the constitutional right to abortion, President Biden signed Executive Order 14076 (E.O.). The E.O. directed federal agencies to take various actions to protect access to reproductive health care services,[1] including directing the Secretary of the U.S. Department of Health and Human Services (HHS) to “consider actions” to strengthen the protection of sensitive healthcare information, including data on reproductive healthcare services like abortion, by issuing new guidance under the Health Insurance and Accountability Act of 1996 (HIPAA).[2]

Continue Reading Biden Administration Seeks to Clarify Patient Privacy Protections Post-Dobbs, Though Questions Remain

Featured on the Diagnosing Health Care Podcast:  How is openEHR transforming the way health data is managed and stored across Europe? Will it soon disrupt the U.S. marketplace?

In this episode of our special series on interoperability, hear from Alastair Allen, CTO of Better.

Continue Reading Podcast: Interoperability: Health Care’s Next Disruptor Is openEHR – Diagnosing Health Care

In this episode of the Diagnosing Health Care Podcast:  In the past decade, certified electronic health records (EHRs) have been instrumental in transforming medical records from paper to digital formats.

What obstacles are currently preventing providers from sharing patient data with each other or patients from sharing health information from their personal devices with their providers? In this episode of our special series on interoperability, hear from Tomaž Gornik, founder and CEO of Better.

Continue Reading Podcast: Interoperability: A New Vision Through openEHR – Diagnosing Health Care

The U.S. Supreme Court is expected to imminently issue its opinion in the case Dobbs v. Jackson Women’s Health Organization (“Dobbs”). If the Court rules in a manner to overturn Roe v. Wade, states will have discretion in determining how to regulate abortion services.[1] Such a ruling would overturn nearly 50 years of precedent, leaving patients, reproductive health providers, health plans, pharmacies, and may other stakeholders to navigate a host of uncharted legal issues. Specifically, stakeholders will likely need to untangle the web of cross-state legal issues that may emerge.

Continue Reading The Pendulum Swings Both Ways: State Responses to Protect Reproductive Health Data, Post-Roe

On April 11, 2022, the Drug Enforcement Administration (DEA) released a final rule which amends DEA regulations to now require all applications for DEA registrations, and renewal of those registrations, to be submitted online. The final rule is effective May 11, 2022.

On January 7, 2021, DEA published a notice of proposed rulemaking (NPRM) that proposed requiring that all applications for DEA registrations, and renewal of those registrations, be submitted online. DEA is promulgating this rule as proposed in the NPRM with one exception: DEA is clarifying that Automated Clearing House (ACH) fund transfers will be accepted as payment for registrations and renewals.
Continue Reading DEA Finalizes Rule Requiring All Registrations and Renewal Applications to Be Completed Online

The past several years have proven difficult for healthcare entities due to increasing cybersecurity threats, breaches and regulatory enforcement. Following these trends, on April 6, 2022, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released a Request for Information (RFI) soliciting public comment on how regulated entities are voluntarily implementing security practices under the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act) and also seeking public input on sharing funds collected through enforcement with individuals who are harmed by Health Insurance Portability and Accountability Act of 1996 (HIPAA) rule violations.

Continue Reading HIPAA Enforcers Seek Public Input on Recognized Security Practices and Sharing Enforcement Recoveries with Affected Individuals