Perspectives on Health Privacy, Security & HIPAA

Health Care Counsel Gayland Hethcoat will lead a session on California’s Data Exchange Framework (DxF) at the California Society for Healthcare Attorneys’ (CSHA) 2024 Fall Seminar in Sacramento, California, on November 15, 2024.

On September 29, California Governor Gavin Newsom vetoed SB 1047, one of the most ambitious efforts yet to establish a comprehensive artificial intelligence (AI) regulatory framework in the United States.

On June 20, a federal district court in Texas ruled that the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) exceeded its authority under the Health Insurance Portability and Accountability Act (HIPAA).

On June 28, the US Supreme Court overturned the Chevron doctrine — the legal principle that the judiciary should defer to a federal agency’s reasonable interpretation of an ambiguous statute.

Who will notify the potentially millions of individuals whose information might have been jeopardized by the massive cyberattack on Change Healthcare? Since the affiliate of UnitedHealth Group (UHG) first reported the cyberattack in February.

On April 26, the US Department of Health and Human Services Office for Civil Rights (OCR) published a Final Rule that adds protections under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule designed to support the privacy of reproductive health care.

On February 14, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its annual reports to Congress detailing its actions to enforce the privacy, security, and breach notification requirements under the Health Insurance Portability and Accountability Act (HIPAA).

Change Healthcare, an affiliate of Optum and UnitedHealth Group, processes more than 15 billion health care transactions annually and touches one of every three patient records.

Counsel Gayland Hethcoat authored an article for the Los Angeles and San Francisco Daily Journal discussing the California Data Exchange Framework (DxF), which aims to facilitate statewide exchange of health information between health care providers and other parties.

The US Department of Health and Human Services (HHS) and Federal Trade Commission (FTC) have distinct yet intersecting roles in regulating business practices involving individuals’ health information.

With the recent passage of Assembly Bill (AB) 254 and AB 1697, California’s Confidentiality of Medical Information Act (CMIA) will extend privacy protections to reproductive and sexual health information on mobile applications and internet websites.

Gayland Hethcoat will be presenting at the Virtual 40th National HIPAA Summit on March 7, 2023. He will be co-presenting with Christina Hud, an Assistant US Attorney from the US Attorney’s Office in New Jersey, on recent criminal enforcement of HIPAA.

On January 23, 2023 the Federal Communications Commission’s (FCC) Consumer and Governmental Affairs Bureau released a Declaratory Ruling addressing a request for clarification submitted by US Department of Health and Human Services (HHS).

Most violations of the Health Information Portability and Accountability Act (HIPAA) are addressed through administrative enforcement action.

Health Care Partner Stephanie Trunk will present twice at the Informa Medicaid Drug Rebate Program Summit on October 12-14.

A pair of reports recently issued by the US Department of Health and Human Services (HHS) Office of the Inspector General (OIG) highlight the important role telehealth services have played in ensuring access to medical services and care for Medicare beneficiaries during the COVID-19 pandemic.

The recently unveiled California Health and Human Services Data Exchange Framework (the Framework) creates a new regulatory and governance structure to promote the exchange of health information between health care providers in California.

In a newly filed lawsuit against the State of Idaho, the federal government argues that Idaho’s “near-total ban on abortion,” scheduled to take effect on August 25, 2022, overreaches by prohibiting abortion even where federal law may require physicians to perform an emergency abortion.

The HHS Office for Civil Rights (OCR) recently imposed a $50,000 civil monetary penalty on a dental practice that disclosed patient-identifying information in response to a negative online review. The case is a reminder that healthcare providers risk liability for a HIPAA privacy violation.

The HHS Office for Civil Rights is requesting comments about HIPAA covered entities’ and business associates’ implementation of “recognized security practices” and payments to “harmed individuals” from funds the agency collects from its enforcement actions. Stakeholders have until June 6, 2022.

On February 22, 2022, the California Department of Public Health (CDPH) announced that vaccinated health care workers with documented recent infection will be allowed to defer booster shot by up to 90 days from infection.

The Federal government is warning that the threat of cybercrime, and especially ransomware, to US hospitals and healthcare providers has increased.

Health Care partner Thomas Jeffry was recently quoted in a Healthcare Risk Management article titled “COVID-19 Changes HIPAA Compliance, But Caution Necessary.”

Health Care Partner Anne Murphy was recently quoted by Bloomberg Law in an article titled “Hospitals Walk Legal Tightrope as Workers Speak Out on Virus.”

Health Care partner Anne Murphy will present during the 2020 American Health Law Association’s (AHLA) In-House Counsel Program.