Health Care

Client Alert

Pandemic Relief UpdateDecember 23, 2020

On Tuesday, December 21, 2020, The United States Congress passed and sent to President Donald J. Trump a new stimulus package that, among other things, provides for new stimulus payments to lower income households, as well as a new round of Paycheck Protection Loans and Economic Injury Disaster Loans, resolves tax issues related to Paycheck Protection loans and loan forgiveness, makes more retirement plan money available to participants, and temporarily reinstates deductions for business meals that will make it easier for taxpayers to support the businesses hardest hit by the continuing pandemic. 
Continue Reading Pandemic Relief Update

Seasons Greetings to all of our readers!  First, we want to wish you and yours a holiday season filled with health, happiness and hope!  We also want to thank you all for continuing to make Legal HIE such a popular and highly visited blog!  It puts a smile on our face seeing so many of you enjoying our posts and returning to our site often!

As stockings are being hung by chimneys with care, we want to make sure you know that Legal HIE’s stockings are absolutely stuffed to the brim with tremendous tools, sample forms, polices and turn-key solutions
Continue Reading Our stockings are stuffed with compliance tools

Last Friday, the Office for Civil Rights (OCR) issued new Guidance on how HIPAA permits covered entities and their business associates to use health information exchanges (HIEs) to disclose PHI for the public health activities of a Public Health Authority (PHA).  Specifically, it provides examples relevant to the COVID-19 public health emergency. OCR Director, Roger Severino, specifically notes that the Guidance was issued:

“to highlight how HIPAA supports the use of health information exchanges in sharing health data to improve the public’s health, particularly during the COVID-19 public health emergency.”.

Although much of the Guidance document simply reiterates the controlling
Continue Reading OCR Publishes New Guidance on Sharing PHI through HIEs for Public Health Purposes

Late last week, two new proposed rules were released which will affect the exchange of health information and HIPAA, among other things.  The CMS and OCR proposed rules come in at over 347 and 357 pages respectively – so that’s a lot of meat to digest!  At a high level, the CMS Proposed Rule aims to “improve the electronic exchange of health care data among payers, providers, and patients,” and “streamline processes related to prior authorization to reduce burden on providers and patients.” The OCR proposed changes to HIPAA take a bite out of patient access, minimum necessary, the HIPAA
Continue Reading A “Double-Double” Set of Proposed Rules from CMS & OCR Affecting Data Sharing & HIPAA

Bankruptcy, Restructuring, and Creditors’ Rights

Common Misunderstandings or Oversights that Members of a Family Business May Be Prone to as They Weigh Whether to File for BankruptcyNovember 9, 2020
Family owned businesses account for approximately 63% of the U.S. workforce.[1] Some may even consider family owned businesses as the “backbone” of the nation’s economy. Many of them have been around for generations and continually contribute to their respective communities. Family owned businesses also carry the potential for additional stress. Both working and socializing with family can potentially hinder one’s ability to have a healthy work/life balance. This can
Continue Reading Common Misunderstandings or Oversights that Members of a Family Business May Be Prone to as They Weigh Whether to File for Bankruptcy

On Monday, ONC posted a new Information Blocking Frequently Asked Questions resource!  Here are a few of the highlights from all of the FAQs responded to by ONC:

Q:  Are health plans or other payers subject to the information blocking regulation?

Q: For the period of time when Information Blocking is limited to USCDI data, how is an Actor expected to fulfill a request for USCDI data if they do not yet have certified health IT in place that includes an API with the USCDI standard?

Q: Is an Actor required to fulfill a request for access, exchange or use of EHI with all
Continue Reading ONC Releases Answers to Frequently Asked Questions to Information Blocking

Interim Final Rule with Comment Period Responds to COVID-19 Pandemic. Responding to public health threats posed by the coronavirus pandemic, today the U.S. Department of Health and Human Services’ (HHS) Office of the National Coordinator for Health IT (ONC) released an interim final rule with comment period that extends the compliance dates and timeframes necessary to meet certain requirements related to information blocking and Conditions and Maintenance of Certification (CoC/MoC) requirements.
Continue Reading Halloween Treat! HHS Delays Information Blocking Compliance Deadline to April 5, 2021!

ONC’s final rule on Information Blocking implements the 21st Century Cures Act and fleshes out what is and is not a prohibited information blocking practice.  However, not all health care organizations and their vendors are on the hook for complying with this new regulation. In my post today, I want to drill down on the scope of health care providers that must comply with the Information Blocking Rule.
Continue Reading Who is on the “Hook” for Information Blocking?

As the November 2nd deadline for compliance with ONC’s Information Blocking Rule nears, many health care providers – which are “Actors” subject to the Rule – are scrambling to reexamine their default settings for sharing various types of data, including lab results. In ONC’s Final Rule preamble, several commenters indicated that providers’ current organizational policies call for practices that delay the release of laboratory results so that the patient’s clinician has an opportunity to review the results before potentially needing to respond to patient questions, or has an opportunity to communicate the results to the patient in a way that
Continue Reading Per ONC, Lab Results Cannot be Delayed Back to “Prevent Harm”

Join me for a pair of 1.5hr Information Blocking Workshops designed to work thorough the nitty-gritty details of the Information Blocking Rule.  The first Workshop will take place WEDNESDAY (9/30) so don’t delay! Workshops will include use cases and scenarios aimed at real challenges faced by health care providers looking to comply with these new regulatory standards for access and sharing of electronic health information. Registrants will receive 2 sample P&Ps, and much more!
Continue Reading Do the Info Blocking Rules have you STRESSED?!! Join Helen O. for Two Not-to-Miss Workshops for Help!

Yesterday, all at once, OCR announced that it has entered into five new Resolution Agreements — each of them stemming from one or more violations of HIPAA’s right of  access afforded to individuals. There are several interesting observations about these new cases that are worth taking note of.

First, although the “penalty” amounts are relatively low, OCR is still definitely intending to set a clear expectation about patients’ right of access afforded under HIPAA. The amounts in these new cases ranged from $3,500 on the low end, which OCR assessed against a psychiatrist in Virginia, and went up to $70,000,
Continue Reading Quintuplet of HIPAA resolutions set tone for providers blocking patient access to PHI

At the last hour, CMS extended the deadline for publishing much anticipated changes to the Stark Law. Originally expected for publication this past August, CMS extended the deadline to August 2021, noting that “… we are still working through the complexity of the issues raised by comments received on the proposed rule and therefore we are not able to meet the announced publication target date.” Together with the OIG’s counterpart rule, the proposed rules contain the potential for significant modernization of the Stark Law and Anti-kickback Statute as part of the “Regulatory Spring to Coordinated Care” as well as increased
Continue Reading CMS Extends Publication Deadline for Stark Law Changes

Seton Hall Law’s Institute for Privacy Protection and Gibbons Institute of Law, Science & Technology is hosting a Virtual Event on September 17th with legal academics, practitioners, and government officials who will evaluate the impact of the COVID-19 pandemic on privacy and intellectual property. Panel One speakers will discuss balancing privacy & public health; Panel Two will discuss Intellectual Property – incentives to access to vaccines & treatments.
Continue Reading Join Seton Hall Law & Helen Oscislawski & Other Esteemed Speakers on September 17th for Panel Discussions on Balancing Privacy and Public Health in a COVID-19 World

After over almost four months of no new HIPAA Resolution Agreements or Civil Money Penalties, OCR quietly posted two new HIPAA settlement agreements at the end of July.  At first glance, both appear to be “run-of-the-mill” cases with nothing much new to learn with the first one resulting in OCR finding that the covered entity failed to even complete a basic Security Risk Analysis and training of workforce, and the other involving – yes, yet again – a stolen unencrypted laptop.  However, the second case in particular deserves closer examination where it has embedded in it more complex corporate structure
Continue Reading OCR Puts the Summer HIPAA Heat on Two Organizations with New Resolution Agreements


Voting in Arizona During the COVID-19 PandemicAugust 24, 2020

The COVID-19 pandemic has drastically changed the lives of most Americans. Most major events have either been postponed or canceled. However, the 2020 presidential election will take place on November 3rd.   How can we exercise our fundamental right to vote while remaining safe and socially distant?  This article explores an alternative option for voting in-person for Arizonans: Ballot-by-Mail.
The Center for Disease Control and Prevention (CDC) recommends early voting and voting by mail where possible to help prevent the spread of COVID-19.  Arizona has a proud history of secure
Continue Reading Voting in Arizona During the COVID-19 Pandemic

Yesterday, the period for public comment on the FTC’s Health Breach Notification Rule closed.  The FTC’s Health Breach Notification Rule requires vendors of PHRs and PHR-related entities to notify the FTC if they experience a breach of security involving unsecured health information. Another area of change to Breach Notification is arising out of the CARES Act which was was enacted into law on March 27, 2020 and is making significant changes 42 C.F.R. Part 2.  Among other changes that the CARES Act is introducing, it creates an entirely new obligation on Part 2 providers to notify SAMHSA of uses and disclosures of Part 2
Continue Reading Big Changes to Big Breaches of Data and Notification Requirements Coming Soon!