On April 5, 2016, the Federal Trade Commission (FTC) released new guidance for mobile apps directed towards providing health-related services and information. This guidance was developed with numerous other agencies, including the Office for Civil Rights (OCR), to assist app developers in complying with federal healthcare law. One of the paramount concerns with mobile apps …
New HIPAA Guidance on Ransomware Prevention and Recovery
By Rose Willis A U.S. government interagency report indicates that there has been a 300 percent increase in the daily ransomware attacks in 2016 as compared to 2015. Ransomware is malicious software that, when introduced into a system, gives a hacker access to the user’s system, and the ability to encrypt data and hold it …
Continue reading “New HIPAA Guidance on Ransomware Prevention and Recovery”
Canada-US Health IT Innovation Summit: Detroit
Join TechTown, University of Windsor, Canadian Technology Accelerator, Consulate General of Canada in Detroit, and We-Tech Alliance for the first ever Canada-US Health IT Innovation Summit in Detroit on Thursday, April 28, 2016 at TechTown. This event is a unique opportunity to connect American and Canadian companies in exploring new areas and avenues for innovation …
Continue reading “Canada-US Health IT Innovation Summit: Detroit”
Healthcare Industry Sees Increase in Malware Attacks
By Craig Phillips In the last couple of weeks, numerous large health organizations, including hospitals, have been the target of malware attacks. Last night, MedStar, which operates ten hospitals in Washington, D.C. and Maryland was hit with malware and had to take all of their computer systems, including every station in every hospital offline. MedStar, …
Continue reading “Healthcare Industry Sees Increase in Malware Attacks”
HIPAA Privacy Rule Amendment will Permit Very Limited Reporting of Mental Health Information to the NICS
By Rose Willis An amendment to HIPAA’s privacy rules will allow a limited subset of covered entities (such as, potentially, state agencies) to disclose information to the National Instant Criminal Background Check System (NICS). The amendment takes effect February 5, 2016, and will be most relevant in those states that do not already require reporting …
Happy ICD-10 Day!
By Craig Phillips Since 13,000 ways to be sick, injured, or mortally wounded were not enough, we now have about 70,000 ways. This includes codes for “parrot bites” and “sucked into a jet engine.” There is also V97.33XD – “sucked into jet engine, subsequent encounter;” what patient was sucked into a jet engine, survived, …
Responding to Subpoenas and Other Requests for Personal Health Information: Take Them at Face Value
By Billee Ward Healthcare providers and other HIPAA covered entities receive requests for protected health information (“PHI”) from a variety of sources on a daily basis. Such requests can range from informal requests made during the course of conversation with a patient or family member, to written requests or demands served by law enforcement personnel …
Legal and Regulatory Landscape for Mobile Health Technologies
By Brian Balow Mobile health (mHealth) technologies continue to expand in application and implementation. Over the past decade, the breadth of these technologies has grown from the creation of healthcare-directed websites (think WebMD) to implanted medical devices that constantly transmit and receive information (sometimes on a device-to-device basis). If you are either a provider or …
Continue reading “Legal and Regulatory Landscape for Mobile Health Technologies”
PHIPA offers “no shelter” to Ontario Hospital from class proceedings for breach of privacy
By Wendy Hulton Back in 2012, the Ontario Court of Appeal recognized the tort of invasion of privacy – fast forward to the recent string of privacy breaches of personal information held by health care facilities in Ontario. Along comes Hopkins v Kay, 2014 ONSC 321 (CanLII), where patients from the Peterborough Regional Health Centre …
Complying with Recent Changes to the Physician’s Notice of Privacy Practices
By Rose J. Willis A physician practice’s Notice of Privacy Practices (“NPP”) acts as the “roadmap” to the practice’s permitted uses and disclosures of their patients’ protected health information (“PHI”). September 23, 2013 was the deadline for revising NPPs to comply with the changes set forth in the 2013 HIPAA Omnibus Final Rule, meaning that …
Continue reading “Complying with Recent Changes to the Physician’s Notice of Privacy Practices”