Keypoint: With the increased frequency and severity of cyberattacks against healthcare systems, state and federal agencies strive to improve cybersecurity controls with varied success.

In November 2023, New York Governor Kathy Hochul announced proposed regulations that would be the first state regulations for hospitals in New York. The governor described the proposed regulation as a “nation-leading blueprint” that would complement the federal Health Insurance Portability and Accountability Act (HIPAA) Security Rule enforced by the U.S. Department of Health and Human Services (HHS).

The Department of Health and Human Services (HHS) through its Office of Inspector General (OIG), announced plans for significant updates and modernization of OIG compliance program guidance (CPG) to improve their accessibility and usability for healthcare entities.[1] Originally issued in 1998, the CPG provide healthcare organizations across the industry with guidance on developing, implementing, and maintaining internal compliance controls. In the 25 years since, the OIG has issued multiple and specific CPGs that apply to particular segments of the healthcare industry including Medicare Advantage organizations, hospitals, home health agencies, nursing homes, and clinical laboratories. However, over time the CPGs have not sufficiently kept up with the innovations and growth of the healthcare industry.

Recent legislative changes indicate that Congress is committed to continuing to allow patients to access telehealth services after the COVID-19 public health emergency (PHE) ends, but it is gathering more information before making such changes permanent. Comments from the U.S. Department of Health & Human Services (“HHS”) Secretary Xavier Becerra and the HHS Office of Inspector General (“OIG”) indicate that HHS is committed to expanding telehealth beyond the end of the PHE and that the OIG recognizes the long-term benefits of access to these services.

One of President-elect Trump’s many campaign promises included “repealing and replacing” the Affordable Care Act (ACA), known as Obamacare. Trump nominated Rep. Tom Price, M.D. (R-Ga.) to serve as the Secretary for the Department of Health & Human Services. Trump’s selection of Price signals that Trump is pushing forward with his promise to aggressively repeal and replace the ACA. If confirmed, Price will lead 11 agencies, including the FDA and the National Institutes of Health, with a $1-trillion budget and the ultimate oversight responsibility for both Medicare and Medicaid.

Backing up electronic health record data may become an important aspect of complying with and mitigating risk under the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) if the U.S. Health and Human Services Office of Civil Rights (OCR) heeds legislators’ recommendations.

The District of Columbia reached a settlement agreement with Children’s Hospital, Children’s National Medical Center Inc. and its affiliates (collectively, “CNMC”) on June 15, 2015, to resolve allegations that CNMC violated the False Claims Act by submitting false cost reports and other applications to the U.S. Department of Health & Human Services (“HHS”) as well as to the Virginia and District of Columbia Medicaid programs. Further details can be found in the Department of Justice’s press release announcing the settlement.

Husch Blackwell attorney Joe Geraci was recently quoted in an AIS Health Reform Week article titled HHS’s Statements on Exchange QHPs Stir Confusion, Complicate Copay Assistance.  The article reports that the Obama administration is sending mixed messages on whether Qualified Health Plans (QHPs) on the insurance exchanges will be considered federal health programs.  A

Nursing is a study in multi-tasking: multiple patients with multiple issues that require complex medication management.  In addition, nurses have to manage massive amounts of information from both human and computer sources.  This week, The Joint Commission called for hospitals to address “alarm fatigue.”  According to The Joint Commission Sentinel Event Alert, medical devices that issue too many audio and visual

On Thursday, March 7, 2013, the Office of the National Coordinator for Health Information Technology and the Centers for Medicare and Medicaid Services (CMS) released a notice and request for information concerning using additional policy levers to accelerate the adoption of electronic health record systems (EHRs). In part, the agencies are looking to increase the number of provider practices satisfying the core requirements for Meaningful Use under the Health Information Technology for Clinical and Economic Health (HITECH) Act.

In the notice, the agencies state that they are looking to accomplish this acceleration by “engaging other policy areas” within the jurisdiction of the U.S. Department of Health & Human Services (HHS), and may include a combination of incentives, payment adjustments, and new requirements. The agencies have identified three main areas in which to use the policy levers:

  • Low rates of EHR adoption and exchange of health information among post-acute and long-term care providers;

Pediatric critical care transport teams at the Alfred I. duPont Hospital for Children in Wilmington, Delaware participated in a study using iPads to communicate about the patient’s condition prior to and during transport.  The study, which was funded by the Nemours Fund for Children’s Health, found that use of iPads provided better communication between the transport