Cybersecurity

Rivkin Radler’s Shari Claire Lewis wrote an article, “FTC Appears Ready to Begin Enforcing Its Health Breach Notification Rule,” that was published in the New York Law Journal on April 18. The article discusses the Federal Trade Commission’s rule that requires manufacturers of connected medical devices, fitness trackers and other wearables, and health

The U.S. Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) recently issued a report entitled “Electronic Medical Records in Healthcare” that discussed security risks applicable to electronic medical records (EMRs) and electronic health records (EHRs). EHRs and EMRs are prime targets for cyber attackers because protected health information (PHI)

We don’t often cover brand-new proposed legislation on Rivkin Rounds, generally preferring to wait until it’s closer to becoming law. However, two bipartisan bills introduced in Congress last week are worthy of mention.

The Telehealth Extension and Evaluation Act would allow the Centers for Medicare & Medicaid Services to extend certain pandemic-era flexibilities in Medicare

On January 24, New York Attorney General Letitia James announced a settlement with EyeMed Vision Care LLC based on shortcomings in the company’s data security procedures. The problems were discovered during the state’s investigation of a 2020 data breach that affected 2.1 million people.

EyeMed, owned by Italian eyeware giant Luxottica Group PIVA, provides vision

Rivkin Radler’s Michael Sirignano wrote an article, “An Insurance Fraud Year in Review,” that was published in the January 6 issue of the New York Law Journal. Among the many cases and settlements discussed were False Claims Act cases involving federal healthcare programs, healthcare fraud related to COVID-19 testing and telehealth services,

An article in the December issue of HIPAA Regulatory Alert, “HIPAA Changes Coming in 2022 Might Require Policy Revisions,” discussed how proposed changes to HIPAA and the HITECH Act may affect covered entities and business associates. Rivkin Radler’s Eric Fader was quoted in the article.

Eric pointed out that the proposed changes

On Thursday, November 18, in the next installment of Rivkin Radler’s Healthcare Compliance Lunch & Learn series, Rivkin Radler Partner Eric D. Fader will present an overview of changes in the provision of telehealth services, and federal and state regulation of them, since the beginning of the COVID-19 pandemic.  New rules and waivers that are

The New Jersey Attorney General’s Office announced on October 12 that Diamond Institute for Infertility and Menopause, LLC, based in Millburn, NJ, will pay a $495,000 penalty for allegedly violating HIPAA and state law by failing to implement appropriate cybersecurity measures. The New Jersey Department of Law & Public Safety’s Division of Consumer Affairs investigated

The Federal Trade Commission (FTC) recently issued a policy statement confirming that vendors of apps and other connected devices that collect personal health information, such as glucose levels, heart rate, or fertility or sleep data, are subject to the FTC’s Health Breach Notification Rule. The rule, issued in 2009, requires vendors to notify consumers

Connecticut Governor Ned Lamont recently signed into law “An Act Incentivizing the Adoption of Cybersecurity Standards for Businesses” (Public Act No. 21-119). Under the Act, “covered entities” that implement certain cybersecurity measures to protect against data breaches of “personal information” and “restricted information” will be insulated against the imposition of punitive damages arising