An Austrian hotel was a recent victim of a “ransomware” computer attack that disabled its electronic room key system and locked up its own computers, and this follows ransomware attacks on hospitals. These attacks demonstrate that hospital administrators should be sure that IT agreements adequately address the risks of cyberattacks. Moreover, this important lesson applies to health care institutions as ransomware causes great harm because it locks up and makes patient and other records unavailable at the very time they are required for ongoing medical care. New IT agreements should cover the risks, and existing agreements should be reviewed to determine whether they still provide the necessary protection.
Please join us for a free webinar (noon-1:00 pm PT/3:00-4:00 pm ET) designed to help health care facilities prepare for the new CALOSHA regulation that addresses the threat of workplace violence.
As you might know, the California Division of Occupational Safety & Health Standards Board recently approved a new safety standard designed to provide comprehensive regulatory protections for workers exposed to workplace violence in health care settings. The standard, which was sponsored by several labor unions, will require covered health care providers to develop workplace violence prevention plans, training programs, conduct safety and security assessments, and recordkeeping procedures to track certain incidents of workplace violence.
Arent Fox LLP is pleased to announce the return of health care regulatory attorney Rachel Hold-Weiss as a partner in the firm’s New York office. Ms. Hold-Weiss is re-joining Arent Fox after serving as the Associate General Counsel and Corporate Compliance Officer for the Personal-Touch Home Care companies. A welcome addition to the firm’s nationally recognized Health Care practice, Ms. Hold-Weiss will focus on regulatory, transactional, and litigation matters for health care providers, primarily hospices, home health agencies, skilled nursing facilities, and assisted living facilities.
On the heels of a January 20, 2017 memorandum freezing the release of any new or pending regulations until they have been reviewed and approved by Trump Administration appointees, the White House issued an executive order on January 30, 2017 requiring agencies and executive departments to “identify at least two existing regulations to be repealed” whenever they propose or promulgate a new regulation.
Partner Linda Baumann was recently quoted in the Bloomberg BNA article, “Health Fraud Rule Withdrawal May Hurt Enforcement Efforts,” appearing in both the Health Care Daily Report and the Medicare Report. The article discusses how fraud enforcement efforts in the health care industry may be hindered by the Trump Administration’s delay of a program integrity final rule that would have strengthened the government’s ability to suspend or revoke provider enrollment in Medicare and Medicaid. The rule withdrawal followed a January 30 executive order from President Trump calling for the elimination of two regulations for every new regulation. Ms. Baumann noted that the “two-for-one” order decreases the likelihood that many new fraud and abuse regulations will be issued in the near future.
On January 20, 2017, President Trump’s Chief of Staff, Reince Priebus, issued a memorandum implementing an immediate regulatory freeze of any new or pending regulations until they have been reviewed and approved by Trump Administration appointees. Days later, on January 30, President Trump signed an executive order that requires agencies to repeal at least two pre-existing regulations for every new regulation issued. These actions signal the start of the Trump Administration’s efforts to scale back and eliminate some of President Obama’s key regulatory initiatives, and to reduce the compliance costs stemming from regulations going forward.
Please join Arent Fox partners Sarah Bruno, Jade Kelly and Matthew Mills on Tuesday, February 21 from 1:00-2:30 PM Eastern for a Health Care Compliance Association webinar titled Navigating the Rest of the Iceberg: Privacy and Security Compliance Beyond HIPAA.
About this Webinar
This webinar will walk through privacy and security laws commonly overlooked by health care organizations. Topics covered include: The Gramm-Leach-Bliley Act; PCI Compliance; FTC Guidance; Applicable State Laws; and EU General Data Protection Regulation. We will provide useful information for assessing when these laws apply, as well as tips and practical guidance for compliance.
On January 12, 2017, the Federal Trade Commission (FTC) held its second PrivacyCon conference. PrivacyCon brings together researchers, academics, industry representatives, consumer advocates, and government regulators, to discuss the latest research and trends related to consumer privacy and data security. This year’s PrivacyCon featured presentations from academics and technology researchers covering the following five main areas: (1) the Internet of Things (IoT) and Big Data; (2) mobile privacy; (3) consumer privacy expectations; (4) online behavioral advertising; and (5) information security. FTC Chairwoman Edith Ramirez, who is stepping down effective February 10, 2017, opened the conference with the myriad of ways consumer data is collected, asking if the risks associated with data collection outweigh the benefits.
Why Should You Care?
Earlier this month, FDA finalized Guidance for Industry, Assessment of Abuse Potential of Drugs. This guidance is intended to assist researchers and sponsors of new drugs that may have central nervous system (CNS) activity evaluate whether the drug has abuse potential. It provides the agency’s recommendations for timing and design of abuse-related studies, the types of studies that should be included in an abuse potential assessment submitted as part of a new drug application (NDA), and provides general recommendations for consulting with FDA about abuse potential assessment during the drug development process.
Last week, FDA issued a draft guidance, Drug and Device Manufacturer Communications with Payors, Formulary Committees, and Similar Entities – Questions and Answers, describing the Agency’s expectations for drug and device manufacturers’ communication of health care economic information (HCEI) about their products to payors, formulary committees, and “other similar entities with knowledge and expertise in the area of health care economic analysis.” What is most notable about this guidance is that FDA has taken the position that this type of information may be shared before a product has been approved.
ABOUT ARENT FOX LLP
Arent Fox LLP, founded in 1942, is internationally recognized in core practice areas where business and government intersect. With more than 350 lawyers, the firm provides strategic legal counsel and multidisciplinary solutions to clients that range from Fortune 500 corporations to trade associations. The firm has offices in Los Angeles, New York, San Francisco, and Washington, DC.