Category: Health Care



New Handbook Provides Guidance to Healthcare Delivery Organizations on Preparation and Response to Medical Device Cybersecurity Incidents

Share

Recently, the MITRE Corporation, in collaboration with the U.S. Food and Drug Administration (FDA), announced the release of the Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook.  The Playbook was designed to provide “tools, references, and resources” for Healthcare Delivery Organizations (HDOs) to better prepare for and respond to medical device cybersecurity incidents.

Continue reading

Employee’s Illegal Access to Patient Records Results in Data Breach of 15,000 Patients: Hospital System to Pay for Violations

Share

UMass Memorial Medical Center, Inc., and UMass Memorial Medical Group, Inc. (collectively, UMass) has agreed to pay $230,000 to settle claims alleging that that they violated the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA), and various other state patient privacy laws.

Continue reading

Three Separate OCR Settlements Resulting from Hospital Failures to Obtain Patient Authorization for Use of Protected Health Information Before Filming Television Docuseries

Share

The Department of Health and Human Services, Office for Civil Rights (OCR) announced three separate settlements with Boston Medical Center (BMC), Brigham and Women’s Hospital (BWH), and Massachusetts General Hospital (MGH), respectively, over potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule totaling $999,000. According to the settlements, the potential violations were the result of the alleged disclosure of patient protected health information (PHI) to ABC News employees during the production and filming of the docuseries called  “Save My Life: Boston Trauma,” at each hospital.

Continue reading

CMS Releases Final Rule for Promoting Interoperability Program

Share

The Centers for Medicare and Medicaid Services (CMS) recently released their Final Rule for the Promoting Interoperability Program formerly known as the Medicare and Medicaid Electronic Health Record Incentive Programs.

CMS had previously published a Proposed Rule and a request for feedback from the public related to improving interoperability and the sharing of electronic medical records between providers, and between providers and patients, which we covered in a May blog post. CMS has stated that the purpose of the Final Rule is to “advance the agency’s priority of creating a patient-centered health care system by achieving greater price transparency, interoperability, and significant burden reduction so that hospitals can operate with better flexibility and patients have what they need to be active healthcare consumers.”

Continue reading

Business Associate Exposes Protected Health Information of 19,000 Patients

Share

An error made by a transcription service provider during a software upgrade on Orlando Orthopaedic Center (OOC)’s server in December 2017 has resulted in the exposure of more than 19,000 patients’ protected health information (PHI). PHI stored on OOC’s server from December 2017 until February 2018 – when the breach was finally discovered – was freely exposed over the internet without any authentication. Upon full investigation, patients’ names, social security numbers, dates of birth, insurance information, employer details, and treatment types were deemed accessible.

Continue reading

FCC Moves Ahead with Connected Care Pilot Program Notice of Inquiry

Share

The Federal Communications Commission (FCC) announced its intention to launch a $100 million pilot program to provide greater access to health care for rural and low-income Americans, as well as veterans, through the use of telehealth last month. The FCC is now moving forward with a Notice of Inquiry (NOI), which will kick off a comment period on the proposed program.

Continue reading

« Older posts

© 2018 Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

Disclaimer/Privacy Policy