On Friday April 26, 2019, the US Department of Health and Human Services (“HHS”) issued a notification regarding HHS’ use of Civil Monetary Penalties (“CMP”) under the Health Insurance Portability and Accountability Act (“HIPAA”) as amended by the Health Information Technology for Economic and Clinical Health (“HITECH”) Act.  https://www.federalregister.gov/documents/2019/04/30/2019-08530/enforcement-discretion-regarding-hipaa-civil-money-penalties.  The notice provides: “As a

The healthcare industry is still struggling to address its cybersecurity issues as 31 data breaches were reported in February 2019, exposing data from more than 2 million people.  However, the emergence of artificial intelligence (AI) may provide tools to reduce cyber risk.

AI cybersecurity tools can enable organizations to improve data security by detecting

Recently, the U.S. Department of Health & Human Services (“HHS”) issued guidance for healthcare cybersecurity best practices.  As required under the Cybersecurity Act (CSA) of 2015, this four-part guidance was generated by a Task Group charged with the following:

  1. Examining current cybersecurity threats affecting the healthcare and public health sector;
  2. Identifying specific weaknesses that

On November 30, 2018, the Department for Health and Human Services (“HHS”) Health Resources and Services Administration (“HRSA”) will publish its final rule to change the effective date for its 340B Drug Pricing Program ceiling price and manufacturer civil monetary penalty final rule to January 1, 2019.

After two years of proposed rulemaking, HHS published

A dental practice and related dental management company have become the first two entities to make their way on to the newly created “High Risk – Heightened Scrutiny” list from the Office of Inspector General for the United States Department of Health and Human Services (the “OIG”).[1]

ImmediaDent of Indiana, LLC, a professional dental

On November 1, 2018, the Office of the Inspector General (“OIG”) for the U.S. Department of Health and Human Services (“HHS”) published an audit report finding that the U.S. Food and Drug Administration’s (“FDA”) policies and procedures were “deficient for addressing medical device cybersecurity compromises.” (A copy of OIG’s complete report is available here and

The American Clinical Laboratory Association (“ACLA”) challenged the final rules promulgated by the Department for Health and Human Services (“HHS”) pertaining to how the Medicare Clinical Laboratory Fee Schedule (“CLFS”) payment rates are established for laboratory services (Am. Clinical Lab. Ass’n v. Azar, No. 17-2645 ABJ, 2018 U.S. Dist. LEXIS 161639, 2018 WL

On June 20, 2018, the Centers for Medicare and Medicaid Services (“CMS”) published an advance copy of a request for information seeking public input on reforms to the Physician Self-Referral Law (or “Stark Law”).

The request for information stems from on-going efforts by the Department of Health and Human Services (“HHS”) to accelerate the government’s

The Health Care Compliance Association (HCCA) kicked off its 22nd Annual Compliance Institute on Monday, April 16, 2018. During the opening remarks, Inspector General Daniel Levinson, of the Department of Health and Human Services (HHS) Office of Inspector General Office (OIG), announced the rollout of a new public resource to assist companies in ensuring

On August 31, 2016, FDA issued a notification of public hearing and request for comments on manufacturer communications regarding unapproved uses of approved or cleared medical products. The hearing will be held on November 9-10, 2016, and individuals wishing to present information at the hearing must register by October 19, 2016. The deadline for written