During the COVID-19 pandemic, the government extended much-needed flexibilities surrounding telehealth to facilitate access to care. Many of these flexibilities were lifesaving. This included allowing the prescription of controlled substances via telehealth to treat substance use disorders and psychiatric conditions. Background Prior to the pandemic, in most instances, a patient required at least one in-person […]
Category Archives: Compliance
Written in collaboration with Melissa Chaplik, JD Candidate 2024 The COVID-19 Public Health Emergency (PHE) is ending on May 11, 2023, and so are HIPAA compliance flexibilities for telehealth. Here’s to hoping that the first two episodes of Telehealth, Privacy and The Three Little Pigs inspired action. In the first episode, I warned: Telehealth is […]
On December 15, 2022, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced its 17th HIPAA Right of Access settlement of the year. Overall, OCR has settled or assessed a penalty in a Right of Access enforcement matter 42 times since it began its Right of Access enforcement initiative in 2019. […]
(Revised 1/6/2023; 1/23/2023; 2/11/2023; 3/27/2023; 4/20/2023 – The CT HIE, known as Connie, is new and many aspects of its operations are still in flux. Further, the information I provide is only as good as the information I receive. As I gather new information that contradicts or clarifies old information, I will update this article.) […]
Every couple of months, DMC Law invites healthcare professionals who regularly grapple with privacy issues to gather (remotely) and discuss those issues. The HIPAA Helpline is not a webinar. It’s an interactive session. DMC Law’s lawyers, Dena Castricone and Tracy Guarnieri, review legal requirements while participants share stories, questions and best practices. The goal of […]
A federal district court in Texas issued an opinion on February 23, 2022 (Decision) in which it concluded that the involved governmental agencies made some significant missteps in promulgating regulations under the No Surprises Act (NSA). The NSA took effect on January 1, 2022 and establishes federal protections against surprise medical bills. The law and […]
Here it is! My annual summary of HIPAA enforcement action resolutions. I know you all have been eagerly awaiting its arrival. No plot twists or surprises this year – the enforcement themes are much the same as those in 2020. As I explain below, Right of Access was again the star.
Today, the Connecticut Attorney General’s office announced that it created an online form for data breach reporting. According to the CT AG’s office, “[t]he need for a standardized, online submission form was also motivated by recent amendments to Connecticut’s data breach notification statute.” Those amendments, which took effect on October 1, 2021, include a broadened definition of personal information and a reduced timeframe for notification and reporting from 90 days to 60 days.
Effective January 1, 2022, healthcare providers and facilities will be subject to the No Surprises Act (NSA), which establishes federal protections against surprise medical bills. While there are several parts of the NSA that impact some but not all healthcare providers or facilities (e.g., balance billing prohibitions), the requirement to provide good faith estimates (GFEs) […]
Yesterday, the Department of Health and Human Services’ Office for Civil Rights announced the resolution of five more HIPAA Right of Access claims. That brings the total number of Right of Access resolutions this year to 12 (including a civil monetary penalty), edging out last year’s total of 11. As for settlement and penalty amounts, the Right of Access total for 2021 has surpassed 2020 by more than $300,000.