Jackson Kelly PLLC

Health Law Monitor

HIPAA privacy issues

Colorado Candor Act C.R.S. 25-51-104 to 106

Many of you are aware of “I’m sorry” laws that have been passed in many states which allow doctors and other healthcare providers to express sympathy and regret about an adverse event without it being used against them in a later civil suit. These laws are intended to provide freedom for the practitioner to communicate with a patient on a personal basis without worry over legal consequences of…

HHS Proposes Modifications to The HIPAA Privacy Rule

On December 10, 2020, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced proposed changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. The proposed updates aim to give patients more access to their health information and improve coordinated care, while also ensuring that patients are afforded privacy and security…

HHS COVID-19 HIPAA Bulletin-Limited 72 Hour Waiver; Permissible Disclosures Reminder

Even in the midst of a nationwide public health emergency, the HIPAA Privacy Rule (“Privacy Rule”) provisions still apply. However, the Secretary of the U.S. Department of Health and Human Services (“HHS”) may waive certain provisions of the Privacy Rule pursuant to the Project Bioshield Act of 2004 and Section 1135(b)(7) of the Social Security Act.

President Trumps’ declaration of a nationwide…

Beware! Hackers Using the COVID-19 Crisis as Opportunity

As the COVID-19 pandemic escalates in the United States, it appears that hackers are using the crisis as an opportunity to exploit victims. The United States Department of Health and Human Services was the victim of a cyber-attack that occurred on March 16, 2020. Additionally, in recent weeks, various businesses and consumers have reported an increase in COVID-19-related “phishing” attempts.2  …

Dental Practice Social Media Post Results in Fine by Regulators

In a recent resolution agreement between Elite Dental Associates (“Elite”), a dental practice in Dallas, Texas, and the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”), the OCR alleged that Elite impermissibly disclosed patients' protected health information (“PHI”) in its responses to patient reviews on the social media site Yelp. As part of its investigation,…

ONC Report on Policy Gaps for Privacy and Security of mHealth Data

In July, the Office of the National Coordinator for Health Information Technology (“ONC”) released a report that examines the oversight of the privacy and security of health data collected by entities not regulated by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The report primarily focuses on two areas of emerging technologies provided by entities that are not…

Recent Guidance on Ransomware, HIPAA, and Cyber Incident Reporting

The Department of Health and Human Services (HHS) recently released guidance for health care entities to better understand and respond to the increased threats of ransomware.  The guidance was published on July 11, 2016, and provides clarification regarding the interplay of ransomware and HIPAA, specifically that (1) a ransomware attack is a “security incident” under HIPAA, and (2) a…

Ex-Parte Contacts with Treating Physicians in Kentucky

The Kentucky Supreme Court rendered an opinion on June 11, 2015, establishing the law in Kentucky on ex parte communications with a party’s non-expert treating physician, i.e. interviewing the Plaintiff’s treating physicians in advance of a deposition.  In Caldwell v. Hon. A.C. McKay Chauvin, the plaintiff in an underlying medical negligence action sought a writ from the Kentucky…

Senate Bill 6 and its Impact on Health Care Professionals

The West Virginia Legislature recently amended the Medical Professional Liability Act, W.Va. Code 55-7B-1, et seq. (“MPLA”) through Senate Bill 6.  These amendments accomplished several things including broadening the statutory definitions of “health care provider” and “health care” to encompass a wider range of health care professionals, health care related activities, and provide MPLA…

State Law Causes of Action for Patient Privacy Breach Proceed Despite HIPAA Preemption

Since its enactment, many providers have been faced with the risk of government sanctions for patient privacy breaches under the Health Insurance Portability and Accountability Act (“HIPAA”), but have been able to seek solace in the fact that HIPAA does not allow for a private cause of action and preempts conflicting state law.  The Connecticut Supreme Court’s opinion in Byrne v. Avery…

 

© 2021 Jackson Kelly PLLC. All Rights Reserved.