In this two-part Triage series, Gina Bertolini, Sarah Carlins, and Jianne McDonald analyze two recent HHS initiatives that address cybersecurity risks to hospitals and health systems nationwide. Cybersecurity events involving...more
In this two-part Triage series, Gina Bertolini, Sarah Carlins, and Jianne McDonald analyze two recent HHS initiatives that address cybersecurity risks to hospitals and health systems nationwide. Cybersecurity events involving...more
3/27/2024
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Telehealth
Almost one year ago, Washington State passed the “My Health, My Data” Act (the Act), which aims to protect Washington consumer health data, particularly data related to reproductive healthcare. The Act is the first law in the...more
What You Need to Know in a Minute or Less - The use of pixel technologies on websites and mobile apps in the health care field has garnered considerable attention from regulators and the plaintiffs’ class action bar....more
SUMMARY - On 27 April 2023, Washington Gov. Inslee signed into law House Bill 1155, referred to as the “My Health, My Data” Act (the Act), which takes effect on 31 March 2024. The Act aims to protect Washington consumer...more
SUMMARY - The US Department of Health and Human Services’ Office for Civil Rights (HHS) is proposing changes to the Privacy Rule under the Health Insurance Portability and Accountability Act (HIPAA). HHS's proposed changes...more
BACKGROUND - As we noted in prior health care alerts in 2020, the Coronavirus Aid, Relief, and Economic Security Act (CARES Act) significantly overhauled the federal law that governs the confidentiality of substance use...more
On 28 June 2022, in the wake of the U.S. Supreme Court’s ruling in Dobbs vs. Jackson Women’s Health Organization, the U.S. Department of Health and Human Services (HHS) Secretary Xavier Becerra directed the Office for Civil...more
Desiree Moore, Gina Bertolini, and Jackie Hoffman discuss the increasing impact of data security incidents and security breaches on the health care sector. They define what qualifies under HIPAA as a protected health...more
1/21/2022
/ Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
OCR ,
PHI ,
Popular
This final article in our four-part series examines other relevant laws digital health providers and suppliers should know. If you missed our earlier articles, you can read about HIPAA in Part I and Part II, and the FDCA and...more
In Part I, we provided a high-level overview of Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its provisions. In Part II, we discuss how HIPAA is applied to mobile health (mHealth) application...more
Digital health technologies are revolutionizing the global health environment by advancing healthcare services, Big Data analytics and medical device development and innovation, expanding the reach, accessibility and...more
In this episode, Rebecca Schaefer interviews Gina Bertolini and Desiree Moore about the recent Federal Trade Commission (FTC) policy statement regarding the FTC Health Breach Notification Rule and its applicability to vendors...more
10/7/2021
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Digital Health ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medical Records ,
Mobile Health Apps ,
PHI ,
Policy Statement ,
Vendors
As health care providers are increasingly relying on complex and integrated electronic medical record systems, the health care industry has rapidly become one of the most frequent and often vulnerable targets for...more
8/9/2021
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
PHI ,
Popular ,
Risk Management
As we previously reported, the Coronavirus Aid, Relief, and Economic Security Act (CARES Act) overhauled 42 U.S.C. §290dd–2, commonly referred to as “part 2.” Part 2 regulates the confidentiality of substance use disorder...more
The Coronavirus Aid, Relief, and Economic Security Act (“CARES Act”), [1] signed into law March 27, 2020, significantly overhauls the federal law that governs the confidentiality of substance use disorder (“SUD”) records at...more
For the third time in as many years, the Substance Abuse and Mental Health Services Administration (“SAMHSA”) has proposed revisions to the Confidentiality of Substance Use Disorder Patient Records regulations at 42 C.F.R....more
This episode is the first in a series focusing on recent efforts by the Substance Abuse and Mental Health Services Administration (SAMHSA) to update 42 C.F.R. Part 2 (Part 2) regulations related to the confidentiality of...more
10/8/2019
/ Confidential Information ,
Data Privacy ,
Data Use Policies ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Manufacturer Liability ,
Medical Records ,
Mental Health ,
Multidistrict Litigation ,
Municipalities ,
Opioid ,
Patient Privacy Rights ,
Pharmaceutical Industry ,
Prescription Drugs ,
Proposed Legislation ,
Proposed Rules ,
Regulatory Agenda ,
SAMHSA ,
Substance Abuse
In the second episode of our series on the national opioid crisis, Gina Bertolini discusses the overlay of recent guidance concerning privacy laws such as the Health Insurance Portability and Accountability Act (HIPAA) and...more
3/1/2018
/ Confidential Information ,
Decision-Making Process ,
Department of Health and Human Services (HHS) ,
Diminished Capacity ,
Documentation ,
Drug & Alcohol Abuse ,
Final Rules ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Information Sharing ,
Medical Records ,
OCR ,
Opioid ,
PHI ,
Physician-Patient Confidentiality ,
Prior Authorization ,
SAMHSA ,
Substance Abuse ,
Trump Administration
Background - As many health care practitioners, health information management professionals, and health lawyers know, balancing patients’ privacy interests with the need to access accurate, up-to-date medical information can...more