Ensuring Data Privacy in Genomic Medicine: Legal Challenges and Opportunities

Originally published in Healthcare Michigan, Volume 40,  No. 6 Introduction As the intersection of technology and healthcare becomes increasingly nuanced, the field of genomic medicine is rapidly evolving and expanding. Genomic medicine, or personalized medicine focusing on the data holding information on base sequence in an individual’s genome, uses an individual’s genetic information to guide healthcare …

HHS Proposes Rule on Confidentiality of Substance Use Disorder Patient Records

Originally published in Michigan Healthcare Volume 39, No. 12 On December 2, 2022, the US Department of Health and Human Services (“HHS”) Office for Civil Rights (OCR) and Substance Abuse and Mental Health Services Administration (SAMHSA) issued a Notice of Proposed Rulemaking to modify portions of Part 2 of Title 42 of the Code of …

Post-Pandemic HIPAA Guidelines for Audio-Only Telehealth

The Department of Health and Human Services (“HHS”) recently announced guidelines for the application of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) to audio-only telehealth encounters following the end of the declaration of the COVID-19 public health emergency (“PHE”). As reported here at the beginning of the Covid-19 pandemic, the HHS Office …

Employers, Employees, & HIPAA, Oh My!

Oftentimes, healthcare entities’ employees are also patients of the healthcare entity, creating a dual role as employer and employee as well as doctor and patient. But what can an employer do when they need to access an employee’s medical records? Are these medical records treated differently than non-employee patients? Throughout the last few years, we …

HIPAA Considerations for Covered Entity Employers Seeking Employee Proof of COVID-19 Vaccination

As employees return to the workplace, an increasing number of employers are asking their workers to provide proof of their COVID-19 vaccinations. This has led to many questions and concerns about whether such a practice is permitted under various healthcare privacy laws, particularly the Health Insurance Portability and Accountability Act (“HIPAA”). At first glance, the …

Nevada Supreme Court Rules in Favor of Dickinson Wright Client, Applying the “Savings Clause” in Enforcing Non-Competition Agreements

Many practitioners in Nevada had been operating under the assumption that the Nevada Supreme Court’s 2016 opinion in Golden Road Motor Inn, Inc. v. Islam, 132 Nev. 476, 376 P.3d 151 (2016) automatically rendered void and unsalvageable any non-competition agreement entered into prior to the enactment of NRS 613.195(5)[1] in June 2017 that contained a …

Accurately and Thoroughly Conduct a HIPAA Security Risk Analysis – Or Risk a $100,000 Fine (or More)

On the surface, it seems like an obvious choice – follow the law and avoid the risk of a hefty fine – but health care providers may learn the hard way that implementing HIPAA Security Rule requirements is, in fact, more complicated than it might first seem. According to a recent U.S. Department of Health …

Healthcare Provider Fined for Disclosing PHI in Response to a Yelp! Review

When healthcare providers are subject to a bad review on Yelp! or similar customer-review websites and apps, it can be difficult to hold back and not provide a response or at least attempt to clarify the situation. However, healthcare providers, including dental providers, must ensure that employees who handle their social media, including customer-review websites …

App Users Beware: Most Healthcare, Fitness Tracker, and Wellness Apps Are Not Covered by HIPAA and HHS’s New FAQs Makes That Clear

Individuals who use healthcare apps such as fitness trackers, weight loss, wellness, exercise, etc., BEWARE! A couple of recent developments have highlighted the fact that most apps are not subject to HIPAA, which means that with broadly-worded privacy policy these healthcare apps can and do readily share healthcare and other data collected by the apps …

Are Medical Marijuana Businesses Subject to HIPAA?

With medical marijuana legal in an ever-growing number of states, many businesses in the cannabis industry, particularly dispensaries, continue to wrestle with the question of whether they are subject to the Health Insurance and Portability and Accountability Act’s (HIPAA) Privacy and Security Rule requirements. The bad news is that the answer is, it depends. The …