Electronic Health Records

Connecticut Governor Ned Lamont recently signed into law “An Act Incentivizing the Adoption of Cybersecurity Standards for Businesses” (Public Act No. 21-119). Under the Act, “covered entities” that implement certain cybersecurity measures to protect against data breaches of “personal information” and “restricted information” will be insulated against the imposition of punitive damages arising

The proposed 2022 Medicare Physician Fee Schedule released on July 13 by the Centers for Medicare & Medicaid Services (CMS) includes a new category of CPT codes for “remote therapeutic monitoring” (RTM). The new codes are in addition to the set of codes introduced in 2019 for remote physiological monitoring, usually called remote patient monitoring

On June 23, the Department of Health and Human Services Office of Inspector General (OIG) posted on its website an Issue Brief entitled “Medicare Lacks Consistent Oversight of Cybersecurity for Networked Medical Devices in Hospitals.” According to the OIG, the Centers for Medicare & Medicaid Services should amend interpretative guidelines or other nonbinding guidelines, or

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has pursued its HIPAA Right of Access Initiative since 2019. OCR’s 19th settlement under the initiative, with The Diabetes, Endocrinology & Lipidology Center, Inc. (DELC), curiously resulted in only a $5,000 fine. The West Virginia provider treats patients who have endocrine disorders.

The U.S. Department of Justice recently announced that CareCloud Health, a Florida-based developer of electronic health records software, agreed to pay $3.8 million to resolve a whistleblower’s allegations that it paid illegal kickbacks to generate sales of its products. CareCloud’s marketing referral program called the “Champions Program” allegedly violated the federal Anti-Kickback Statute (AKS) and

On April 6, Rivkin Radler’s Ben Malerba gave a presentation to members of the Coalition for Behavioral Health. The presentation was entitled “HIPAA in an Evolving Health Care Environment: Proposed Changes for 2021 and Response to COVID-19.”

The Coalition for Behavioral Health provides policy, advocacy, training and technical assistance to more than 100 community-based behavioral

A March 11 article in the Health Care Compliance Association’s Report on Patient Privacy, “In Wake of 16th OCR Settlement, Time For CEs, BAs to Take Right of Access Seriously,” discussed the Right of Access Initiative that the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has been pursuing since

For those providers who somehow missed or ignored the first 15 settlements in the series, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) recently announced that Sharp HealthCare, doing business as Sharp Rees-Stealy Medical Centers, agreed to pay a $70,000 fine for failing to provide a patient with timely access

Flo Health, Inc., which markets a menstrual and ovulation tracking app, recently entered into a settlement with the Federal Trade Commission (FTC) to dispose of charges that Flo improperly shared consumer data with third parties, including Facebook and Google. The disclosure of the data, which included pregnancy status and sexual history of more than 100

The U.S. Department of Justice (DOJ) announced on January 28 that athenahealth Inc., a Massachusetts-based electronic health records (EHR) technology vendor, has agreed to pay $18.25 million to resolve allegations that it paid illegal kickbacks to generate sales of its EHR product, athenaClinicals. The settlement is the government’s latest reminder that marketing initiatives that are