Guest Contributor

Subscribe to all posts by Guest Contributor

COVID-19: HHS Issues FAQs on HIPAA and Telehealth to Help Providers Maintain Access to Care During the Pandemic

On March 20, the U.S. Department of Health and Human Services (HHS) issued additional guidance in the form of Frequently Asked Questions (FAQs) on HIPAA and telehealth services to help providers furnish care during the COVID-19 pandemic. The FAQs follow and provide further information on the Notification of Enforcement Discretion issued by HHS on March 17 (Notification), … Continue Reading

HHS Finalizes Joint Rules on Electronic Health Record Interoperability and Access

On March 9, 2020, the Department of Health and Human Services (HHS) announced final rules seeking to give patients more access to, and control of, their health data. The final rules were issued by the Office of the National Coordinator for Health Information Technology (ONC) and Centers for Medicare and Medicaid Services (CMS). The ONC rule is … Continue Reading

OCR Comments on Recent Ciox Case Vacating Certain Omnibus Rule Regulations and Guidance Relating to Fees for Providing Patient Records

The U.S. Department of Health and Human Services’s (HHS) Office for Civil Rights (OCR) issued an Important Notice Regarding Individuals’ Right of Access to Health Records through its email list serve on January 29, 2020.  In the Notice, OCR addressed the recent memorandum Opinion issued in Ciox Health v. Azar, et al, No. 18-cv-00040 (D.D.C. January 23, 2020). In that case, … Continue Reading

HHS Proposes Changes to Permit Donation of Cybersecurity Technology

On October 17, 2019, the Department of Health and Human Services (HHS) published proposed rules to update the regulatory Anti-Kickback Statute (AKS) safe-harbors and exceptions to the Physician Self-Referral (PSR) Law, known commonly as the Stark Law (AKS proposed rule available here; PSR proposed rule available here). In an earlier blog post, we described each of the proposed … Continue Reading

Allscripts Announces $145 Million Preliminary Settlement with DOJ Related to an Investigation of Practice Fusion, a Recently Acquired EHR Company

In its second quarter Securities Exchange Commission (SEC) filing, Allscripts addressed its announced agreement in principle with the Department of Justice (DOJ) to resolve investigations into certain alleged practices of Practice Fusion, an electronic health records (EHR) vendor acquired by Allscripts in February 2018 for $100 million. Allscripts indicated the agreement is still subject to … Continue Reading

CISA’s Failure May Come to Haunt the Technology Industry

The Cybersecurity Information Sharing Act of 2015 (CISA) was intended to incentivize private entities to share threat intelligence information with the federal government (specifically the Department of Homeland Security), allowing all parties to react more quickly and efficiently to cyber threats. The vision was that thousands of companies would sign on, creating a powerful network … Continue Reading

Is Bad Cyber Insurance Coverage Actually Good for Consumers?

The cyber insurance market continues to evolve, and major questions remain unanswered. Should policies cover regulatory fines? Should first- and third-party claims be addressed in separate policies? The list goes on. For the consumer, here is an interesting thought experiment: Is a company having limited access to cyber insurance actually a good thing? Aside from … Continue Reading

Data Mining Shaping The Global Political Climate

The 2016 U.S. Presidential election demonstrated the importance of digital campaigning. President Trump’s campaign was vastly outspent by Hillary Clinton’s campaign, and placed little emphasis on traditional ground-game tactics. Instead, Trump focused his campaign on digital strategies to target “persuadable voters” via social media. The outcome of the election demonstrated the efficacy of this strategy; … Continue Reading

Behavioral Biometrics: Constructing the Digital You

During WWII, Morse Code was an indispensable asset that allowed the allies to transmit sensitive information over long distances with great accuracy. However, it contained an obvious, and potentially fatal, flaw — it provided no built in mechanism for identifying the sender of the messages. In order to combat this, U.S. intelligence officers implemented a … Continue Reading

Yet Another Breach

The 2019 calendar year had a rough beginning with several massive data breaches. Just this week, more than 600 million account details were stolen from 16 different websites: Dubsmash MyFitnessPal MyHeritage ShareThis HauteLook Animoto EyeEm 8fit Whitepages Fotolog 500px Armor Games BookMate CoffeeMeetsBagel Artsy DataCamp The account details being sold on the dark web from … Continue Reading

Technology Boost Helps Protect Super Bowl LIII

The biggest sporting event of the year is now over— and the Patriots, with the help of NFL super duo Tom Brady (the oldest quarterback to ever win the Super Bowl) and Bill Belichick (the oldest head coach to ever win the Super Bowl) took the title—New England’s sixth since 2002. Over 100 million people … Continue Reading

California Law IoT Devised to Have “Reasonable Security Feature”

On September 28, 2018, California passed Senate Bill No. 327, Chapter 886, which regulates the security of all internet of things (IoT) devices sold in California.  Collectively, IoT broadly refers to all internet-enabled devices and includes everything from doorbells and lamps to cell phones and wearable devices. This bill, beginning on January 1, 2020, will … Continue Reading

OSHA’s Use of Drones During Workplace Inspections

These days, it is not uncommon to see drones flying overhead. But employers beware…you might see one during your next workplace inspection. Earlier this year, OSHA issued a memo formalizing its use of drones for inspection activities, and, according to a recent report by Bloomberg Law, it used drones for 9 inspections this year. The memo indicates … Continue Reading

Massachusetts PATCH Act, Requires Additional Protection for Certain Confidential Health Care Information

Earlier this year, Governor Charlie Baker signed into law an Act to Protect Access to Confidential Healthcare (the PATCH Act), which prevents information regarding “sensitive health care services” from being shared with anyone other than the patient in the form of Explanation of Benefits (EOB) and Summary of Payment (SOP) forms. When more than one … Continue Reading

Data Breach Results in $1.4 Million Theft from CHET 529 College-Savings Accounts

On June 27, 2018, the State of Connecticut Treasurer’s Office announced that about $1.4 million had been stolen from Connecticut Higher Education Trust (CHET) college-savings accounts. This theft resulted from data security breaches that occurred in early June, 2018. Connecticut State Treasurer Denise L. Nappier confirmed that TIAA-CREF Tuition Financing Inc. (TIAA-CREF), the CHET Direct … Continue Reading

New York Financial Services Cybersecurity Regulations Deadline Looming This Week

On March 1, 2018, the one year transition period within which banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (“Covered Entities”)  must have implemented a cybersecurity program ends. By March 1, the Covered Entities must be in compliance with the following requirements: 23 NYCRR … Continue Reading

New York’s Landmark Cybersecurity Regulation Compliance Deadlines Looming

On February 15, 2018—that is, today—banks, insurance companies and other financial services institutions and licensees regulated by the New York Department of Financial Services (DFS) are required to file their first certification of compliance with DFS’s far reaching cybersecurity regulation (23 NYCRR Part 500) (the “Regulation”). The Regulation, which became effective on March 1, 2017, … Continue Reading

President Trump Reinstates the FAA Drone Registration Requirement

By signing the National Defense Authorization Act for 2018, President Donald Trump reinstated the requirement for recreational drone operators to register with the Federal Aviation Administration (FAA). The requirement was initially introduced in late 2015, but in May of this year, a D.C. Circuit Judge ruled that the FAA did not have proper authority to … Continue Reading

FAA Seeking to Quicken UAS Airspace Authorization Process

The Federal Aviation Administration (FAA) recently published notice in the Federal Register seeking permission to quicken authorizations for Part 107 unmanned aircraft system (UAS) operations in restricted areas. The FAA wishes to use the Low Altitude Authorization and Notification Capability (LAANC) system for authorizations which would give the FAA the ability “to grant near-real time … Continue Reading

DOT Announces Drone Pilot Program to Encourage Local and National Collaboration

President Donald Trump has directed the U.S. Department of Transportation (DOT) to launch an initiative which will safely test and validate advanced operations for drones in partnership with state and local governments in select jurisdictions. According to the DOT, the results of the Unmanned Aircraft Systems (UAS) Integration Pilot Program will be used to speed … Continue Reading

FAA Grants CNN Approval to Operate Drones Over People in the “Real World”

The Federal Aviation Administration (FAA) has granted CNN approval to operate drones over people in real-world conditions, which means that for the first time, drones will be allowed to fly over wide ranges of urban and suburban environments. CNN requested a Part 107 waiver, which was granted by the FAA, which will allow it to … Continue Reading
LexBlog