On April 18, 2019, the Department of Health & Human Services Office for Civil Rights (OCR) issued five new FAQs addressing the applicability of HIPAA to the use of software applications (apps) by individuals to receive health...more
The Department of Homeland Security (DHS) issued a warning on April 15, 2019 entitled “VPN Applications Insecurely Store Session Cookies” (Vulnerability Note VU#192371) stating that “[M]ultiple Virtual Private Network (VPN)...more
4/19/2019
/ Cookies ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Email ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
Information Technology ,
Personally Identifiable Information ,
Phishing Scams
On April 8, 2019, The University of Texas MD Anderson Cancer Center (MDA) filed a petition with the U.S. Court of Appeals for the Fifth Circuit seeking review of a decision by the Department of Health & Human Services’s (HHS)...more
On March 6, 2019, the U.S. Department of Health & Human Services Office of Inspector General (OIG) issued a favorable advisory opinion that allows a nonprofit medical center (“Center”) to offer free, in-home follow-up care...more
Since the beginning of 2019, federal and state authorities in Connecticut have announced a number of enforcement actions targeting alleged health care fraud in the state. ...more
On March 26, 2019, the New York Court of Appeals upheld the state Department of Labor’s (the “DOL”) so-called “13-hour rule” governing payment of home health care aides that work 24 hour shifts....more
3/29/2019
/ Department of Labor (DOL) ,
Domestic Workers ,
Employer Liability Issues ,
Health Care Providers ,
Home Health Agencies ,
Home Health Care ,
Home Healthcare Workers ,
Regulatory Requirements ,
Rest and Meal Break ,
State and Local Government ,
State Labor Laws ,
Wage and Hour ,
Work Schedules
On February 25, 2019, the U.S. Department of Justice (DOJ) announced a settlement with a urology group practice to settle allegations of False Claims Act (FCA) violations tied to the alleged submission of improperly unbundled...more
The Department of Justice (DOJ) recently announced two high-dollar False Claims Act (FCA) enforcement actions involving allegedly fraudulent arrangements tied to the implementation and use of electronic health record systems...more
2/21/2019
/ Anti-Kickback Statute ,
Corporate Integrity Agreement ,
Department of Justice (DOJ) ,
EHR ,
Electronic Health Record Incentives ,
Enforcement Actions ,
False Claims Act (FCA) ,
Fraud and Abuse ,
Healthcare Fraud ,
Settlement Agreements ,
Stark Law ,
White Collar Crimes
On February 19, 2019, the Department of Justice (DOJ) announced that it had intervened in a False Claims Act (FCA) whistleblower suit filed against Arriva Medical LLC (Arriva) and its parent that allegedly involves the...more
On February 6, 2019, the Department of Health and Human Services (HHS) Office of Inspector General (OIG) published a proposed rule (Proposed Rule) that would amend the safe harbor regulations under the Federal Anti-Kickback...more
2/7/2019
/ Anti-Kickback Statute ,
Comment Period ,
Department of Health and Human Services (HHS) ,
Drug Pricing ,
Health Care Providers ,
Medicare Part D ,
OIG ,
Pharmaceutical Industry ,
Pharmacy Benefit Manager (PBM) ,
Prescription Drugs ,
Proposed Rules ,
Rebates ,
Safe Harbors
On January 24, 2019, the Office of Inspector General (“OIG”) issued a favorable advisory opinion allowing a pharmaceutical manufacturer (“Manufacturer”) to temporarily loan limited-functionality smartphones to financially...more
Cybercriminals have launched a new campaign that not only requires the victim to pay a ransom to have their data decrypted, but when the victim is directed to a PayPal account to pay the ransom and get the decryption key to...more
1/21/2019
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Cell Phones ,
Commercial General Liability Policies ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data-Sharing ,
Drones ,
Geological Data ,
Hackers ,
HIPAA Breach ,
Personally Identifiable Information ,
Ransomware ,
Right to Privacy ,
Risk Management ,
Rulemaking Process ,
WISP
According to reports, a Georgia-based physician who previously pleaded guilty to criminal violations of the Health Insurance Portability and Accountability Act (HIPAA) received six months of probation from a Massachusetts...more
For data security buffs like me, the recent McAfee® Labs Threats Report, December 2018 is, or should be, a top pick on the list. Well, maybe not for the holiday reading list. We need to be careful not to bring up the results...more
12/27/2018
/ Article III ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Driverless Cars ,
Drones ,
Experian ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Technology ,
OCR ,
Public Health ,
Risk Management ,
Smart Devices ,
Standing ,
Transportation Industry ,
Vaccinations ,
Value-Based Care ,
Vulnerability Assessments
On December 11, 2018, the U.S. Attorney’s Office for the Eastern District of Pennsylvania (DOJ) announced that it had entered into a $12.5 million dollar settlement with Pennsylvania-based health system Coordinated Health...more
On December 14, 2018 the Department of Health & Human Services Office for Civil Rights (OCR) published a Request for Information (RFI) soliciting public input on updates to regulations promulgated under the Health Insurance...more
12/19/2018
/ Comment Period ,
Covered Entities ,
Deregulation ,
Electronic Health Record Incentives ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Reform ,
OCR ,
PHI ,
Regulatory Agenda ,
Regulatory Burden ,
Request For Information ,
Value-Based Care
On November 30, 2018, the Solicitor General of the United States filed a long-awaited amicus brief in response to the U.S. Supreme Court’s request for the government’s view of the False Claims Act (FCA) case U.S. ex rel....more
In its 2019 Medicare Physician Fee Schedule Final Rule (PFS Rule), CMS finalized a regulatory change that updates supervision requirements for Registered Radiologist Assistants and Radiology Practitioner Assistants...more
On November 1, 2018, the Centers for Medicare & Medicaid Services (CMS) released its 2019 Physician Fee Schedule Final Rule (PFS Rule), which contains a number of significant substantive changes to Medicare payment practices...more
According to reports by WhoWhatWhy and the Associated Press, five security experts have confirmed a private citizen’s allegation that the Georgia Online Voter Database contains a major security flaw and is vulnerable to...more
11/12/2018
/ Commercial Use ,
Credit Cards ,
Customer-Loyalty Programs ,
Data Breach ,
Databases ,
Drones ,
HIPAA Breach ,
Hospitality Industry ,
Hotels ,
Identity Theft ,
Kenya ,
Phishing Scams ,
USPS ,
Vulnerability Assessments
On November 2, 2018, the New Jersey Attorney General announced a settlement worth up to $200,000 with a former medical transcription company responsible for a breach affecting medical records of up to 1,654 patients of a New...more
The U.S. Patent and Trademark Office (USPTO) announced last week that it has discovered unauthorized users have attempted to hack into its online trademark system to attempt to make unauthorized changes to active trademark...more
10/29/2018
/ Airspace ,
Beyond Visual Line Of Sight (BVLOS) ,
Centers for Medicare & Medicaid Services (CMS) ,
Credit Security Freeze ,
Cyber Attacks ,
Data Breach ,
Drones ,
Employee Training ,
General Electric ,
Hackers ,
HIPAA Breach ,
Intellectual Property Protection ,
Legal Ethics ,
New Legislation ,
Risk Management ,
Small Business ,
Trademark Application ,
Trademark Registration ,
Unmanned Aircraft Systems ,
USPTO
Federal legislation recently took effect that prohibits consumer reporting agencies from charging a fee to place or remove (lift) a security freeze on a consumer credit report in response to a consumer request. ...more
10/25/2018
/ Consumer Credit Protection ,
Credit Reporting Agencies ,
Credit Reports ,
Credit Security Freeze ,
Data Breach ,
Economic Growth Regulatory Relief and Consumer Protection Act ,
Equifax ,
Experian ,
Fair Credit Reporting Act (FCRA) ,
Financial Services Industry ,
Identity Theft ,
TransUnion
Many consumers are unaware that retailers use facial recognition technology in retail stores to monitor shoppers and prevent shoplifting. Consumers see cameras in retail stores and assume they are there to monitor for...more
10/15/2018
/ Americans with Disabilities Act (ADA) ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Disability Discrimination ,
Driverless Cars ,
Drones ,
Enforcement Actions ,
EU-US Privacy Shield ,
Facial Recognition Technology ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
OIG ,
Online Safety for Children ,
Personally Identifiable Information ,
Popular ,
Regulatory Standards ,
Title III ,
Trump Administration ,
Unmanned Aircraft Systems ,
Website Accessibility ,
Website Owner Liability ,
Websites
The Office of Inspector General (OIG) recently announced the creation of a cybersecurity team focused on combating threats within the Department of Health & Human Services (HHS), and within the health care industry. ...more