Are Medical Marijuana Businesses Subject to HIPAA?

With medical marijuana legal in an ever-growing number of states, many businesses in the cannabis industry, particularly dispensaries, continue to wrestle with the question of whether they are subject to the Health Insurance and Portability and Accountability Act’s (HIPAA) Privacy and Security Rule requirements. The bad news is that the answer is, it depends. The …

Understanding the HIPAA Security Rule and Tailoring Policies to Fit Your Business

Purpose and Practicality The HIPAA Security Rule[1] was designed to protect the confidentiality, integrity, and availability of a patient’s protected health information (PHI) while allowing flexibility for each covered entity based on their size, complexity, technological capabilities, cost constraints, and the likelihood of potential risks to the electronic PHI (ePHI) they house. To make the …

HIPAA, the Opioid Crisis and the Role of Part 2

Updated as of December 2018 With the ever-growing opioid crisis and the President’s call to action to address that crisis particularly through the signing of the Substance Use-Disorder Prevention that Promotes Opioid Recovery and Treatment for Patients and Communities Act or the SUPPORT for Patients and Communities Act, P.L. 115-271 in October, 2018 , primary …

What To Do When Your Hospital’s System Crashes

Electronic medical records (“EMRs”) have become vital to both hospitals and physician’s practices. They are a secure, electronic version of a patients’ medical history and often include all of the clinical data relevant to a patient’s care, including demographics, progress notes, problems, medications, vital signs, past medical history, immunizations, laboratory data and radiology reports. The …

How Employers Can Handle Their Biggest Threat to Data Privacy, Their Employees

Given the ever-expanding landscape of privacy laws and regulations, employers are becoming increasingly aware that they are responsible for data breaches caused by their employees. When looking to formally put obligations upon employees to modify employee conduct, employers tend to start with policy, such as in an employee handbook to allow a means of internal …

May Highlights: National Healthcare Law News

-Earlier this month, on May 7, 2018, the Senate passed bipartisan S.B. 1732, entitled the “Improving Access to Behavioral Health Information Technology Act.”  The bill, which is currently in the House of Representatives, aims to provide “incentive payments to behavioral health providers for the adoption and use of certified electronic health record technology…to improve the …

Launch of the Criminal Division’s In-House Health Care Data Analytics Team

In its “2017 Year in Review” (https://www.justice.gov/criminal- fraud/file/1026996/download), the Fraud Section in the Criminal Division of the US Department of Justice announced the launch of its Health Care Fraud Unit’s Data Analytics Team. While the use of data analytics is not new to the Department of Health and Human Services and civil enforcement section of …

The Grey’s Anatomy / Allscripts Ransomware Crossover Event: When Scripted TV Becomes Reality, the Script Goes Out the Window

For those familiar with the Shonda Rhimes juggernaut, Grey’s Anatomy, it is the story of surgical residents, fellows, and attending physicians as they work in the surgical wing of the fictional Grey Sloan Memorial Hospital. In most episodes, the situations in which the doctors find themselves in are entertaining, but not necessarily how they might …

Obligations and Expectations Surrounding Healthcare Compliance Programs

The phrase “healthcare compliance program” is commonly used to describe those processes and procedures implemented by a healthcare provider to prevent submission of erroneous claims and combat fraudulent conduct. The expectation is that providers using internal controls will more efficiently monitor adherence to legal and regulatory requirements than providers without such controls in place1. However, …

Managing Today’s Innovation in Healthcare: the Modern IP Strategy

Innovation in the health care industry is heavily focused on data. Data is now considered an integral part in health-related applications ranging from managing patient records to analyzing drug and genetic screening data within a research or clinical context. It is regulated and protected. It also carries significant value when analyzed for purposes of determining …