Photo of Kasey Ciolfi

Kasey Ciolfi

Kasey focuses her practice on healthcare regulatory matters, helping clients resolve situations before they become problems. Kasey advises healthcare providers on compliance with state and federal regulatory matters. She also helps them resolve issues with regulatory bodies, including public health departments, state health agencies, the Office of Health and Human Services, the Office of Elder Affairs, and the Centers for Medicare & Medicaid Services. Kasey has developed relationships with many regulatory agencies, allowing her to solve client problems quickly. She frequently works with Medicare regulations and payment issues and is extensively familiar with Medicare Advantage and Programs of All-Inclusive Care for the Elderly (PACE) compliance.

Contact:Read more about Kasey Ciolfi
Doctor writing survey, insurance and claim form for medical paperwork, document and script for patient records, test result and research in a hospital. Physician hands signing and planning healthcare

This post is part of our The Top 2025 Privacy and Security Issues Still Shaping Healthcare series, in which our team of attorneys provides essential strategies and insights for healthcare privacy and security.

Reproductive health privacy rule vacated.

On June 18, 2025, the U.S. District Court for the Northern District of Texas vacated the HIPAA Privacy Rule to Support Reproductive Health Care Privacy Final Rule (Privacy Rule). As a result, the additional privacy protections that had been granted to reproductive healthcare information through President Biden’s Executive Order 14076, (“Protecting Access to Reproductive Health Care Services”), are no longer enforceable or required.

On November 6, 2023, the Office of Inspector General (“OIG”) issued its long-awaited General Compliance Program Guidance (“Guidance”) “to help advance the industry’s voluntary compliance efforts in preventing fraud, waste, and abuse in the health care system.” Although the Guidance is nonbinding, it reflects the OIG’s expectation that compliance programs become increasingly sophisticated in their approach to identifying and managing compliance risks as healthcare delivery and payment models continue to evolve.