Stakeholders across the healthcare, technology and communications industries seek to harness the power of data and information technology to improve the effectiveness and efficiency of their products, solutions and services, create new and cutting-edge innovations, and achieve better outcomes for patients. Partnering with lawyers who understand how the regulatory, IP, and commercial pieces of the digital health puzzle fit together is essential. Covington offers unsurpassed breadth and depth of expertise and experience concerning the legal, regulatory, and policy issues that affect digital health products and services. To learn more, click here.

In July of 2015 we noted that nine states had enacted laws to join the Interstate Medical Licensure Compact.  We described this cooperative program intended to allow physicians to obtain expedited licenses to practice in multiple states.  This would facilitate the delivery of telemedicine across state lines; physicians are generally prohibited from practicing, even

The Department of Health and Human Services (HHS) recently published guidance on HIPAA requirements governing the use of cloud computing entities, specifically cloud services providers (CSPs).

In this guidance, HHS explains that CSPs that create, receive, maintain, or transmit protected health information (PHI) on behalf of a covered entity or business associate are considered business

Last month, the Office of Management and Budget (“OMB”) began its review of the much-discussed new Health IT Certification regulations, which include enhanced oversight of Electronic Health Records (“EHRs”) technology by the Office of the National Coordinator for Health Information Technology (“ONC”).

Continue Reading OMB Reviewing Final Health IT Certification Regulations

A research letter published this month in the Journal of the American Medical Association reported that only a small fraction of seniors in the United States use digital health technology. The authors applied statistical analysis to data gleaned from a nationally representative sample of Medicare beneficiaries age 65 and older. In 2011, 16% of seniors

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently announced a significant settlement with Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS), a business associate under HIPAA, arising from a breach of protected health information (PHI) after the theft of an employee’s iPhone.  The iPhone was not encrypted or password protected and held extensive information on approximately 400 nursing home residents, including Social Security numbers; information regarding diagnosis and treatment, medical procedures, medication; and names of family members and legal guardians.  CHCS agreed to pay financial penalties of $650,000 and adhere to a corrective action plan.

Continue Reading Significant HIPAA Fine Follows Business Associate’s Stolen iPhone

In March, CMS issued a State Medicaid Directors Letter (SMDL) about the availability of enhanced federal funding for state Medicaid programs’ eligibility and enrollment (E&E) systems. This SMDL represents CMS’s most recent effort to encourage States to use commercial “off-the-shelf” technology and “software as a service,” instead of customized electronic systems developed and built specifically for individual States.

Continue Reading CMS Issues Guidance Encouraging the Use of Commercial Off-the-Shelf Technology and Software-as-a-Service for Medicaid Eligibility and Enrollment Systems

On February 29, 2016, the Centers for Medicare and Medicaid Services (CMS) issued a State Medicaid Directors Letter (SMDL) that expands the scope of expenditures eligible for the 90 percent federal match for activities to promote the use of a health information exchange (HIE) and the adoption of certified electronic health record (EHR) technology by Medicaid providers.

Specifically, this updated guidance permits States to claim the enhanced match for expenditures that promote coordination of care between entities eligible for EHR incentive payments and other Medicaid providers who may not necessarily qualify for such payments.   This SMDL supersedes earlier guidance that did not permit the enhanced match for these activities.


Continue Reading CMS Expands Scope of Enhanced Match for Promotion of Health IT