An article in the December issue of HIPAA Regulatory Alert, “HIPAA Changes Coming in 2022 Might Require Policy Revisions,” discussed how proposed changes to HIPAA and the HITECH Act may affect covered entities and business associates. Rivkin Radler’s Eric Fader was quoted in the article.
Eric pointed out that the proposed changes
On Thursday, November 18, in the next installment of Rivkin Radler’s Healthcare Compliance Lunch & Learn series, Rivkin Radler Partner Eric D. Fader will present an overview of changes in the provision of telehealth services, and federal and state regulation of them, since the beginning of the COVID-19 pandemic. New rules and waivers that are
The New Jersey Attorney General’s Office announced on October 12 that Diamond Institute for Infertility and Menopause, LLC, based in Millburn, NJ, will pay a $495,000 penalty for allegedly violating HIPAA and state law by failing to implement appropriate cybersecurity measures. The New Jersey Department of Law & Public Safety’s Division of Consumer Affairs investigated
The Federal Trade Commission (FTC) recently issued a policy statement confirming that vendors of apps and other connected devices that collect personal health information, such as glucose levels, heart rate, or fertility or sleep data, are subject to the FTC’s Health Breach Notification Rule. The rule, issued in 2009, requires vendors to notify consumers
Connecticut Governor Ned Lamont recently signed into law “An Act Incentivizing the Adoption of Cybersecurity Standards for Businesses” (Public Act No. 21-119). Under the Act, “covered entities” that implement certain cybersecurity measures to protect against data breaches of “personal information” and “restricted information” will be insulated against the imposition of punitive damages arising
On June 23, the Department of Health and Human Services Office of Inspector General (OIG) posted on its website an Issue Brief entitled “Medicare Lacks Consistent Oversight of Cybersecurity for Networked Medical Devices in Hospitals.” According to the OIG, the Centers for Medicare & Medicaid Services should amend interpretative guidelines or other nonbinding guidelines, or
Flo Health, Inc., which markets a menstrual and ovulation tracking app, recently entered into a settlement with the Federal Trade Commission (FTC) to dispose of charges that Flo improperly shared consumer data with third parties, including Facebook and Google. The disclosure of the data, which included pregnancy status and sexual history of more than 100