The Health Law Department at Obermayer Rebmann Maxwell & Hippel LLP invites you to “Big Risks, Big Rewards: Big Data in Health Care,” an exciting presentation about big data and how to harness the power of big data in the health care industry. Continue Reading
OCR has announced several recent settlement agreements to resolve violations of the Health Insurance Portability and Accountability Act (“HIPAA”). These settlement amounts range from $25,000 to $3.9 million dollars and illustrate a range of mistakes that health care providers make with respect to their HIPAA compliance. This post briefly summarizes OCR’s findings with respect to each settlement agreement. Based on OCR’s findings, the Health Law Gurus provide steps that your organization can take to reduce its risk of a HIPAA breach.
Physical Therapy Provider – Impermissible Disclosure of PHI
Complete P.T., Pool & Land Physical Therapy, Inc. (“PT”), a physical therapy practice located in Los Angeles, agreed to pay $25,000 and enter into a corrective action plan as a result of an impermissible disclosure of protected health information (“PHI”). PT posted patient testimonials on its website without obtaining valid authorizations as required by HIPAA. The patient authorizations included full names and full facial images of the patients. OCR discovered through its investigation that PT had not reasonably safeguarded PHI, had disclosed PHI without valid HIPAA authorizations, and had failed to implement policies and procedures for PHI regarding authorization. Continue Reading
Amidst criticism that the Health Insurance Portability and Accountability Act (“HIPAA”) lags behind technological innovation, the Office for Civil Rights (“OCR”) released new guidance to aid app developers in determining how HIPAA may apply to the products they are building and developing. OCR explained that the guidance is intended to “reduce some of the uncertainty that can be a barrier to innovation.”
OCR’s guidance walks through how an app developer could be required to comply with HIPAA. The guidance explains that app developers who work for a covered entity (meaning a health plan, a health care clearinghouse, or health care providers) and, as part of their jobs, are developing an app that involves the use or disclosure of protected health information (“PHI”) are covered by HIPAA. The guidance explains that HIPAA also covers app developers who are business associates of covered entities if they are creating or offering an app on behalf of a covered entity or one of the covered entities’ contractors. Continue Reading
With the implementation of the Affordable Care Act, millions of newly insured patients have entered the health care market, bringing attention to the need for expanded access to services. Meanwhile, rapid advancements in the use of high-speed data transmission have paved the way toward using Internet technology to alleviate this problem, while addressing numerous inefficiencies which exist under traditional models of health care delivery. Telemedicine, “the remote diagnosis and treatment of patients by means of telecommunications technology,” has become an area of vast potential in facilitating timely access to primary care and specialist consultations. Continue Reading
The Health Law Gurus™ are here to help you stay current on issues and breaking news in health law. To help you stay up-to-date, we are excited to announce our new segment, “Ask the Health Law Gurus™.” Each month, we will select a reader’s question and answer it here, on the Health Law Gurus™ blog.
In response to our last blog post, “Historic Moment: Husband Reports Wife’s HIPAA Violation Triggering Six Figure Penalty Against Employer,” we received a question about civil monetary penalties. We address the question below.
QUESTION: What is a civil monetary penalty (“CMP”), and how is it different from a settlement with the Office for Civil Rights (“OCR”) for a violation of the Health Insurance Portability and Accountability Act (“HIPAA”)? Continue Reading
For the second time in history, the Office for Civil Rights (“OCR”) has imposed a civil monetary penalty (“CMP”) against a covered entity for violations of the Health Insurance and Portability Act (“HIPAA”). Lincare, Inc., a provider of respiratory care, infusion therapy, and medical equipment to in-home patients, is required to pay a $239,800 CMP for failure to safeguard its patients’ protected health information (“PHI”) in violation of HIPAA. A U.S. Department of Health and Human Services administrative law judge has upheld the imposition of the CMP and granted summary judgment to OCR on all issues. Continue Reading
Celebrate Data Privacy Day with us on January 28! Join Philadelphia’s IAPP at 1 Tippling Place, 2006 Chestnut Street from 5:30 until 7:30 for a causal networking event that is open to the public.
Hosted by: Erica Woebse, CIPP/US, CIPP/G Associate – Obermayer Rebmann Maxwell & Hippel LLP
Earlier this month, Henry Schein Practice Solutions, Inc. (“Schein”), a provider of office management software to dental practices, learned the hard way that exaggerating the capabilities of its products can be very costly. On January 5, 2016, Schein agreed to pay the Federal Trade Commission (the “FTC”) $250,000 to settle claims that it falsely advertised the level of encryption its Dentrix G5 software used to protect patient data. Continue Reading
Medical tourism is the term used to describe the movement of patients across international borders in pursuit of medical care and treatment. While in the United States the term is usually associated with Americans leaving the country in search of low-cost treatments — particularly cosmetic surgery, dental care, fertility treatments, and heart surgery — the term also refers to international patients who travel to the United States for care. Generally speaking, international patients who travel to the United States seek access to medical procedures that are either not available in their countries of origin or have better patient outcomes in the United States.
In the medical tourism industry, prestigious hospitals (like the Mayo and Cleveland Clinics) are known for their treatment of international patients. Many of these hospitals have specific services catering to international patients, such as airport pick-up and drop-off, hotel shuttles, translators, and traveling planning assistance. These services are intended to facilitate the medical tourism process and combat the difficulties international patients may encounter, including obtaining a visa or overcoming cultural barriers like language differences. Continue Reading
The Precision Medicine Initiative (“PMI”) was officially unveiled in President Obama’s January 2015 State of the Union address. Precision medicine is an emerging approach for disease prevention and treatment that considers an individual’s genes, environment, and lifestyle. The hope is that PMI will usher in a new era of medicine in which researchers, providers, and patients work together to develop and implement individualized patient care.
Precision medicine, or “personalized medicine” as it was previously called, has been around for a number of years. In 2008, a report to President Bush recommended public policy initiatives for the development of tools and technologies and regulations and reimbursement for genomics-based diagnostic testing. A 2010 report by the President’s Counsel of Advisors on Science and Technology expanded upon the potential value of federal initiatives to standardize and extend the use of electronic health records and health information exchange to facilitate the delivery of patient-specific data to physicians and patients. Continue Reading