Keeping you afloat amidst the rising sea of regulations

Approval of Privacy Shield Provides Framework for Transfer Personal Data between the US and EU

What’s New? After months of negotiations, it’s official: the EU-US Privacy Shield has been formally approved on both sides of the Atlantic, by the EU Commission and the US Commerce Department, despite concerns surrounding the adequacy of its earlier version.

IT Systems Put Security into Health Care Cybersecurity

*This article was originally published by The Journal of Health Care Compliance.

OCR’s HIPAA Guidance on Ransomware Expands Traditional Interpretation of “Breach”

On Monday, July 11, 2016, the Office for Civil Rights (OCR) released a fact sheet with guidance for covered entities and business associates on HIPAA and ransomware.

What Do Self-Driving Cars and Your Heart Monitor Have in Common? The Same Questions About Cybersecurity.

Arent Fox partner Sarah Bruno recently published a very interesting alert on new privacy and cybersecurity challenges facing the automotive industry in the age of autonomous vehicles, syncing software, and wearable devices that interact with your vehicle.

Health on the Move: FTC and HHS Release Guidance for Mobile Health App Developers

On April 5, 2016, Chairwoman Edith Ramirez of the Federal Trade Commission (FTC) announced the release of a new web-based tool to assist developers of mobile health apps in understanding what federal laws they must comply with. The FTC’s new tool joins several others released by other federal agencies designed to educate and guide app developers in their efforts to create compliant apps.   

Ransomware Attack on California Hospital Puts Providers on Alert for New Threats to Health Information

While management at hospitals and other health care providers has long been aware of the need to implement computer security policies to comply with HIPAA’s requirements for protecting sensitive patient information, cybersecurity may have rocketed to the top of management’s priority list in the wake of the recent cyberattack on Hollywood Presbyterian Medical Center (HPMC) that left the hospital unable to access some of its computer systems for ten days.

Senator Boxer Questions Medical Device Makers about Cybersecurity

On February 4, 2016, Senator Barbara Boxer (D-CA) sent a letter to the five largest medical device makers asking them to explain what steps they are taking to address cyber vulnerabilities in their products. The letter was sent to the chief executive officers of Johnson & Johnson, Medtronic, GE Healthcare, Philips North America, and Siemens USA.

OIG Reminds Providers that the Donation of EHR Systems with Limited Interoperability May Violate the Federal Anti-Kickback Statute

On October 6, the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) released an OIG Alert reminding the public that electronic health records (EHRs) furnished to referral sources may not meet the federal anti-kickback statute’s EHR safe harbor if the EHR system has limited or restricted interoperability.

OCR To Mobile Health Developers: Send Us Your HIPAA Questions

Bringing to life an initiative described by Jocelyn Samuels, the Director of the Office for Civil Rights (OCR), at the recent Safeguarding Health Information: Building Assurance through HIPAA Security conference, OCR has announced the launch of a new on-line platform to solicit questions on HIPAA compliance from mobile health developers and others interested in t