If you are a covered entity health plan or clearinghouse, you may be among the nine (un)lucky entities randomly chosen this month for review into compliance with HIPAA’s Administrative Simplification rules governing electronic transactions, code sets, and unique identifiers. According to an FAQ published in March, the Centers for Medicare & Medicaid Services (CMS), acting
HIPAA Security and “Zero Day” Exploits: How to Stay Ahead of the Hack
HHS Office for Civil Rights (OCR)’s April 3, 2019 cybersecurity newsletter highlights one of the more challenging cybersecurity vulnerabilities faced by covered entities and business associates. OCR reminds covered entities (CEs) and business associates (BAs) that compliance with the HIPAA Security Rule can help, but stops a bit short of providing concrete guidance as to
New Apple Watch May Mark Time To Rethink HIPAA
The new Apple Watch Series 4® is one of the more recent and sophisticated consumer health engagement tools. It includes a sensor that lets wearers take an electrocardiogram (ECG) reading and detect irregular heart rhythms. The U.S. Food & Drug Administration (FDA) recently approved these functions as Class II medical devices, which generally
Join Top Cybersecurity Pros at Fox’s Privacy Summit
Fox Rothschild’s Minneapolis Privacy Summit on November 8 will explore key cybersecurity issues and compliance questions facing company decision-makers. This free event will feature an impressive array of panelists drawn from cybersecurity leaders, experienced regulatory and compliance professionals and the Chief Division Counsel of
When Data is Like Toothpaste
In 1973, President Richard Nixon’s Chief of Staff H.R. Haldeman warned White House Counsel John Dean against talking to prosecutors investigating the growing Watergate scandal, telling him “Once the toothpaste is out of the tube, it’s going to be very hard to get it back in,” and a useful idiom was born. Personal
A Movement to Consider: Telepsychiatry in New York State
In a post on February 28, Fox associate Kristen Marotta discussed the privacy and security issues arising from the growing use of telemedicine, particularly for mental health treatment. Now on the firm’s Physician Law blog, Kristen continues her discussion of telepsychiatry by diving into recent developments in New York State surrounding the innovative practice
Perks and Tips for the Recent Medical Graduate: Telemedicine and HIPAA
Kristen Marotta writes:
Many believe that educated millennials are choosing to work in urban, rather than rural areas, during their early career due to societal milestones being steadily pushed back and the professional opportunities and preferences of a young professional. Recent medical school graduates are a good example of this dichotomy. The shortage of
The President Can Tweet, But Can a Doctor Text?
Text messaging is a convenient way for busy doctors to communicate, but for years, the question has remained: are doctors allowed to convey sensitive health information with other members of their provider team over SMS? The answer is now “yes,” thanks to a memo published last week by the U.S. Department of Health & Human
There’s An App For That Health Information – But is it HIPAA-Covered?
“Maybe” is the take-away from recent guidance posted on OCR’s mHealth Developer Portal, making me wonder whether the typical health app user will know when her health information is or is not subject to HIPAA protection.
The guidance is clear and straightforward and contains no real surprises to those of us familiar with HIPAA,
Apple, the FBI, and iPhone Encryption: A Battle of Biblical Proportions with Implications for HIPAA
Whether it was an apple or a quince, pomegranate, or some other more botanically-likely fruit growing in the Garden of Eden, God’s command in Genesis was clear: do not eat the fruit from the tree of the knowledge of good and evil. When Adam and Eve ate the apple (or other fruit) anyway, they gained