On March 6, 2018, CMS announced the MyHealthEData initiative, which aims to give patients easier access to and control over their medical records. Announcing the initiative, CMS Administrator Seema Verma laid out a future where individuals will have access to their health data wherever they go and be able to share data with the push … Continue Reading
On November 16, 2017, the Food and Drug Administration (“FDA” or the “Agency”) will hold a public hearing on a proposed approach for sponsors seeking to market devices referencing drugs (“DRDs”) when the drug sponsor does not wish to collaborate with the sponsor of the device. FDA will accept comments to the docket until January … Continue Reading
According to a distinguished panel of lawyers from MSD and Covington & Burling, companies involved in Digital Health deals need to ask themselves the following questions: What data is required to develop and deliver the Digital Health solution, and does your company have sufficient expertise in-house to analyze the data? What happens if your technology … Continue Reading
Although the National Cybersecurity Awareness Month of October has come to a close, it is not too late for corporate counsel and risk managers to be thinking about cyber-risk insurance — an increasingly essential tool in the enterprise risk management toolkit. But a prospective policyholder purchasing cyber insurance for the first time may be hard … Continue Reading
On 14 September 2017, the Committee for Human Medicinal Products (“CHMP”) of the European Medicines Agency adopted ICH Guideline E18 (the “Guideline”) on genomic sampling and the management of genomic data. The Guideline takes effect on 28 February 2018. The International Conference on Harmonisation of Technical Requirements for Registration of Pharmaceuticals for Human Use (“ICH”) … Continue Reading
On August 30, the UK government published a report by Professor Sir John Bell of Oxford University providing a number of recommendations to government to ensure the long term success of the life sciences sector in the UK (Life Sciences Industry Strategy). This blog post summarises the key recommendations and observations made from a digital … Continue Reading
In the first of a three-part series, Covington’s global cross-practice Digital Health team answers key questions that companies across the life sciences, technology, and communications industries should be asking as they seek to fit together the regulatory and commercial pieces of the complex digital health puzzle. Key Regulatory Questions About Digital Health Solutions 1. What are … Continue Reading
At the beginning of August, the D.C. Circuit found that the fact that a data breach has occurred and individual consumer information has been lost may constitute sufficient injury to confer standing on those individual victims at the pleading stage–irrespective of whether any stolen information has been misused. Specifically, Attias, et al. v. CareFirst, Inc., … Continue Reading
On July 27, FDA published its Digital Health Innovation Action Plan. The plan provides details and timelines for the agency’s Digital Health Innovation Plan, announced by FDA Commissioner Scott Gottlieb last month. The action plan describes the agency’s “next steps” over the coming year to “encourage digital health innovation by redesigning [FDA’s] policies and processes … Continue Reading
Digital health solution providers, and users of digital health services, should take note of three recently launched EU public consultations in the digital health space, and may wish to make submissions to help shape the future of digital health initiatives in the EU. The earliest deadline for submissions is 16 August 2017. EU Commission Transformation … Continue Reading
The UK Information Commissioner’s Office (“ICO”), which enforces data protection legislation in the UK, has ruled that the NHS Royal Free Foundation Trust (“Royal Free”), which manages a London hospital, failed to comply with the UK Data Protection Act 1998 in providing 1.6 million patient records to Google DeepMind (“DeepMind”), requiring the Royal Free to sign an … Continue Reading
On May 11, 2017, the European Cloud in Health Advisory Council (ECHAC) – a group of healthcare organizations, technology companies and patient representatives – launched its second whitepaper focused on use of data to improve health outcomes and delivery of care. ECHAC launched the whitepaper at an eHealth Week 2017 session attended by ECHAC participants and … Continue Reading
On December 13, 2016, President Obama signed the 21st Century Cures Act (“Cures Act”), Pub. L. 114-255, which aims to expand medical research and expedite the approvals of drug therapies for patients. The Cures Act also contains several provisions related to the HIPAA Privacy and Security Rules. None of these provisions make substantive changes to … Continue Reading
Tom Price, the Republican representative from Georgia, has been tapped by President-elect Trump as the new Secretary for the Department of Health and Human Services (HHS). Rep. Price is himself an orthopedic surgeon and comes from a family of doctors and, as a result, is focused closely on the ways in which government regulations burden … Continue Reading
The Department of Health and Human Services (HHS) recently published guidance on HIPAA requirements governing the use of cloud computing entities, specifically cloud services providers (CSPs). In this guidance, HHS explains that CSPs that create, receive, maintain, or transmit protected health information (PHI) on behalf of a covered entity or business associate are considered business … Continue Reading
Earlier this week the Government Accountability Office released a report critiquing the U.S. Department of Health and Humana Services’ (HHS) oversight of and guidance related to health information security and privacy. (The report is available here.) GAO cited the increasing incidence of hacking and other breaches, which affected over 113 million health records in 2015, … Continue Reading
A research letter published this month in the Journal of the American Medical Association reported that only a small fraction of seniors in the United States use digital health technology. The authors applied statistical analysis to data gleaned from a nationally representative sample of Medicare beneficiaries age 65 and older. In 2011, 16% of seniors … Continue Reading
The UK Government has opened a consultation, running until September 7, 2016, regarding how UK National Health Service (NHS) patient data should be safeguarded, and how it could be used for purposes other than direct care (e.g. scientific research). The consultation comes after two parallel-track reviews of information governance and data security arrangements in the … Continue Reading
Earlier this month the U.S. Department of Health and Human Services (HHS), Office of the National Coordinator for Health Information Technology (ONC), released a report to Congress highlighting “large gaps” in policies and oversight surrounding access to and security and privacy of health information held by certain “mHealth technologies” and “health social media.” mHealth technologies … Continue Reading
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently announced a significant settlement with Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS), a business associate under HIPAA, arising from a breach of protected health information (PHI) after the theft of an employee’s iPhone. The iPhone … Continue Reading
In March, CMS issued a State Medicaid Directors Letter (SMDL) about the availability of enhanced federal funding for state Medicaid programs’ eligibility and enrollment (E&E) systems. This SMDL represents CMS’s most recent effort to encourage States to use commercial “off-the-shelf” technology and “software as a service,” instead of customized electronic systems developed and built specifically … Continue Reading
On April 5, the Federal Trade Commission (FTC), in conjunction with the Food and Drug Administration (FDA) and the Department of Health and Human Services (HHS), released a new web-based interactive tool to assist mobile health app developers in navigating applicable federal laws and regulations in the areas of advertising and marketing, medical devices, and … Continue Reading
The U.S. Department of Health and Human Services and the Office of the National Coordinator for Health Information Technology (ONC) recently proposed a rule to enhance ONC oversight and accreditation of health IT. Under the rule, the ONC’s primary goal would be to work with health IT developers to remedy any non-conformities with certified health … Continue Reading
Yesterday, the Senate Health, Education, Labor and Pensions (HELP) Committee held a final mark-up of legislation comprising the Committee’s counterpart to the House-passed 21st Century Cures Act. The HELP Committee approved five bills including S. 2713 to advance the development of “precision medicine” through research and data sharing. We have reported on the President’s precision medicine … Continue Reading
