Health Care Counsel

Arent Fox's health care law blog offers news, analysis, and insights for the health care industry.

Health Care Counsel
Clinical Trials, Research & IRBs
alert
DEA Denies Marijuana Rescheduling Petition, Eases Research Restrictions
  • DEA will not reschedule marijuana unless the FDA determines the drug has a medical use.
  • DEA’s new research policy will hopefully facilitate future necessary medical research.
Continue Reading →
Affordable Care Act, Fraud & Abuse Compliance
alert
Ensuring Compliance With CMS 60-Day Overpayment Rule

* The following alert was originally published in Health Law360. To read it on the Health Law360 website, click here

Continue Reading →
HIPAA / Health Privacy & Security
alert
FTC Flexes Security Muscles in ASUSTek Settlement & LabMD Reversal

What’s New?

The Federal Trade Commission asserted its data security authority in two recent back-to-back enforcement actions, only a day apart from each other.

Continue Reading →
HIPAA / Health Privacy & Security
alert
Another Record HIPAA Settlement, Another Reminder to Keep Electronic PHI Secure

Today, the US Department of Health & Human Services’ Office for Civil Rights (OCR) announced that Advocate Health Care Network (Illinois’ largest healthcare system) will pay a record $5.5 million settlement for violating HIPAA. The violations include failure to properly assess risks and limit access to electronic PHI (for example, an unencrypted laptop was left in an employee’s unlocked vehicle overnight); failure to have in place business associate agreements; and three data breaches, compromising the records of four million patients. With this record settlement (and other recent settlements setting previous record highs), OCR hopes to send covered entities a strong message that they must conduct comprehensive risk analyses and risk management to keep electronic PHI secure.

Continue Reading →
HIPAA / Health Privacy & Security
alert
Business Associates Beware! HHS Levies First HIPAA Fines on Business Associate

On June 24, 2016, the non-profit Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule with the U.S. Department of Health and Human Services (HHS). This is HHS’ first resolution agreement and monetary penalty against a business associate (BA) under HIPAA.
 

Continue Reading →
HIPAA / Health Privacy & Security
alert
Beware of Ransomware, Or the Bad Guys Could Hold Your Devices and Data Hostage

What’s New?

Ransomware is old news – it has been around at least since 1989 – but it has only now started to attract widespread attention. Ransomware is a type of malicious software (or malware, for short) that blocks access to the infected device, to some or all of the information stored in the device, or even worse, to files in the device’s network. To unlock either the device or the data, the responsible cybercriminals require the victim to pay a ransom. Ransomware is typically enabled when a victim clicks on malicious links in an email or online.
 

Continue Reading →
E-Health, HIPAA / Health Privacy & Security, mHealth, Telemedicine & E-health
alert
Approval of Privacy Shield Provides Framework for Transfer Personal Data between the US and EU

What’s New?

After months of negotiations, it’s official: the EU-US Privacy Shield has been formally approved on both sides of the Atlantic, by the EU Commission and the US Commerce Department, despite concerns surrounding the adequacy of its earlier version.

Continue Reading →
E-Health, HIPAA / Health Privacy & Security, mHealth
alert
IT Systems Put Security into Health Care Cybersecurity

*This article was originally published by The Journal of Health Care Compliance.

Strong cybersecurity is no longer an option for health care institutions. A medical chart is identity theft on a platter. Criminals pay more for personal health information than for credit card numbers. Unauthorized access to electronic health records surpassed hacking as the chief cybersecurity risk in 2016. Third-party information technology (IT) systems used by heath care providers and other institutions (referred to for convenience as “hospitals” in this article) are a key avenue of unauthorized access and pose a significant risk as hospitals upgrade IT systems either alone or as part of a merger into larger health care systems. This article address how health care IT puts the security in health care cybersecurity.

Seven Critical Cybersecurity Roles Played by IT

Continue Reading →
E-Health, HIPAA / Health Privacy & Security
alert
OCR’s HIPAA Guidance on Ransomware Expands Traditional Interpretation of “Breach”

On Monday, July 11, 2016, the Office for Civil Rights (OCR) released a fact sheet with guidance for covered entities and business associates on HIPAA and ransomware.

Continue Reading →

Pages

SUBSCRIBE

Add the Arent Fox Health Care Law blog to your RSS feed reader.

Arent Fox In Your Inbox
To subscribe to Arent Fox Alerts and other news, click here.

ABOUT ARENT FOX LLP

Arent Fox LLP, founded in 1942, is internationally recognized in core practice areas where business and government intersect. With more than 350 lawyers, the firm provides strategic legal counsel and multidisciplinary solutions to clients that range from Fortune 500 corporations to trade associations. The firm has offices in Los Angeles, New York, San Francisco, and Washington, DC.