On October 26, 2017, President Trump directed the Secretary of the Department of Health and Human Services (“Secretary”) to declare a National Public Health Emergency on the opioid epidemic. While the President offered few details regarding how his administration will address the challenge of treating patients struggling with opioid addiction, a previous statement from the

Updates to OIG FY 2017 Work Plan

The United States Department of Health and Human Services (“HHS”) Office of the Inspector General (“OIG”) recently updated its FY 2017 Work Plan. Traditionally, OIG’s annual Work Plan has given health care providers a preview of OIG’s enforcement priorities. With the OIG now making updates to its

The increasing prevalence of mobile technology in the healthcare sector continues to create compliance concerns for physician practices and other health care entities.  While the Office of Civil Rights (OCR) of the Department of Health and Human Services, has traditionally focused on technology breaches within larger health systems, smaller physician practices and health

By Marshall Jackson and Alaap Shah

If you have tuned into the news over the last few months, you are likely aware that several major corporations—including one of the nation’s largest retail chains—have suffered data breaches. These breaches have affected hundreds of millions of consumers, and in some cases exposed sensitive financial data such

By:  Alaap Shah and Marshall Jackson

With the New Year, come new protections for health care entities and individuals utilizing electronic health records (EHRs).  On December 27, the U.S. Department of Health and Human Services, Office of Inspector General (OIG) and the Centers for Medicare and Medicaid Services (CMS), issued final rules regarding the

   By:  Alaap Shah and Ali Lakhani

Why is data breach such a rampant problem within the health care industry?

As health care rapidly digitizes through adoption of electronic health records, mobile applications and the like, the risk of data breach is rising exponentially.  To effectively manage this risk, health care companies and their business associates

By: Alaap Shah and Marshall Jackson

Data is going digital, devices are going mobile, and technology is revolutionizing how care is delivered.  It seems to be business as usual, as your health care organization continues to digitize its operations.  You have even taken measures to help guard against the “typical” risks such as lost laptops,

By:  Alaap Shah and Ali Lakhani

The Good: 

“Hey Doc, just shoot me a text . . .”

The business case supporting text messaging in a health care environment is compelling – it is mobile, fast, direct, and increases dialogue between physicians and patients as well as streamlines the often inefficient page/callback paradigm that

Before initiating treatment, health care providers must generally obtain their patients’ informed consent. The purpose of the informed consent process is two-fold. First, it allows patients to gain an understanding of the risks and benefits of the proposed treatment, and alternative courses of action. Second, it helps shield providers from legal exposure.

A formal informed

In the healthcare industry we often associate information privacy and security enforcement with HIPAA and state privacy laws.  However, a lesser known but in some cases just as significant regulator of information privacy is the Federal Trade Commission (“FTC”). This is especially true with regard to mobile health applications, which depending on how they