As telehealth services surged in response to the COVID-19 pandemic, unique compliance challenges likewise developed in unexpected ways. Recognizing these challenges, the Office of Civil Rights (“OCR”) indicated that it would exercise its enforcement discretion by declining to impose penalties against covered health care providers for instances of good faith noncompliance with the requirements of the Health Insurance Portability and Accountability Act (“HIPAA”) in connection with the provision of telehealth services. In effect, a covered health care provider seeking to use audio or video communication technology to provide telehealth services during the public health emergency could do so with greater flexibility.

Continue Reading Office of Civil Rights Publishes Guidance on Use of Audio-Only Telehealth Services

The metaverse has been described as the “next frontier” and the “new era” of healthcare. Although still a loosely defined and relatively broad term, the “metaverse” generally refers to a shared virtual environment accessed by individuals via the Internet. Individuals generally enter the metaverse through the following four technologies: virtual reality, augmented reality, mixed reality and extended reality.  

Continue Reading Digital Health in the Metaverse: Three Legal Considerations

The digital health sector has seen tremendous growth and innovation over the past few years. This momentum introduces new complexities within the legal and regulatory landscape that is trying to
Continue Reading Top 5 Legal Issues in Digital Health to Watch for in 2022

On November 2, 2021, the Centers for Medicare and Medicaid Services (“CMS”) announced that it will be taking actions to advance its strategic commitment to drive innovation to support health equity and high quality, person centered care. CMS’ 2022 Physician Fee Schedule final rule (the “Final Rule”), will focus on, amongst other things:

Continue Reading Health Equity Remains a Priority for the Center for Medicare and Medicaid Services in 2022

As the world continues to shift and adapt to the ongoing COVID-19 pandemic, the digital health sector has experienced tremendous growth and the momentum has only accelerated in 2021.

Continue Reading Trends in Digital Health Funding and Transactions: A Tremendous Year So Far

On May 13, 2021, MITRE Corporation, a non-profit that provides engineering and technical guidance for the federal government, published a long-awaited report proposing a National Strategy for Digital Health (the “Report”).  The proposed strategy provides a framework and prescribes tangible action items in order to revolutionize the American healthcare system through digital tools and technology.  The underlying premise is that harnessing the power of research, data, and innovation can further shared goals and accomplish priority outcomes to transform not only the digital plane of the healthcare system, but every facet of modern American healthcare.
Continue Reading MITRE Corporation Outlines a Proposal for a Digital Health Revolution in New Report

On May 6, 2021, the comment period for the proposed modification to regulations implementing the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy Rule and Health Information Technology for Economic and Clinical Health Act of 2009 (“HITECH”) closed.  The Office for Civil Rights (“OCR”) at the Department of Health and Human Services (“HHS”) issued its initial request for information in December 2018, subsequently released the Notice of Proposed Rulemaking (“NPRM”) to the public on December 10, 2020, and published the Proposed Rule in the Federal Register on January 21, 2021 (the “Proposed Rule”).  After a significant degree of public interest in providing input on the proposals, OCR extended the comment period from its original end date of March 22, 2021 to May 6, 2021.
Continue Reading HIPAA Privacy Rule Modification – Removing Barriers and Promoting Coordinated Care at What Cost?

Virginia is now the second state, after California, to pass a comprehensive privacy law. The Consumer Data Protection Act (“CDPA”) will come into effect January 1, 2023 (the same time as the modification to California’s Consumer Privacy Act (“CCPA”), i.e., the California Privacy Rights Act (“CPRA”)). While CDPA has fairly broad exemptions for entities regulated by other laws, such as HIPAA, there is also a new “opt-in” requirement for collecting “sensitive data.”
Continue Reading What Virginia’s New Privacy Law Means for Organizations in the Healthcare Industry

Will HHS’ approach for imposing penalties in the aftermath of a data breach become a little clearer in 2021? This is a distinct possibility in the wake of a Fifth Circuit decision vacating penalties against MD Anderson Cancer Center. The hospital suffered three data breaches, leading HHS to impose over $4 million in civil penalties. That fine was reversed recently by the Fifth Circuit as arbitrary, capricious, and contrary to law.
Continue Reading What Does the Fifth Circuit’s Vacating of HHS HIPAA Fines Mean for Companies This Year?