Health Law Alert

On Friday, August 29, 2014, CMS published a Final Rule providing additional flexibility to providers who have had difficulties implementing 2014 Edition certified electronic health record technology (“CEHRT”). This rule adopts the proposed rule published May 23, 2014. Under the Final Rule, Eligible Professionals, Eligible Hospitals and CAHs that could […]

While details have not been made public, it is possible that a properly configured robots.txt file could have prevented the patient data exposure which was the genesis of the recent $4.8 million HIPAA settlement made by New York-Presbyterian Hospital/Columbia University Medical Center (see: http://cynergistek.com/columbia-presbyterian-settle-hipaa-violations-for-4-8-million/). From the information which was made […]

Remember the Deficit Reduction Act of 2005? It made certain Medicaid providers subject to additional compliance requirements, causing them to amend their compliance policies and add procedural steps. Now, nine years after its enactment, some state Medicaid agencies are checking on compliance through questionnaire audits. To refresh your memory: Section […]

As hospitals and physician offices are rapidly rolling out patient portals in an effort to meet the requirements of the Meaningful Use program, we are seeing some common legal and practical issues and questions surface. This first article in a multi-part series will address a few of the most common […]

Note: This is the second article in a two-part series on HIPAA and data security and encryption. The June edition of the Health Law Advisory included an article by Michael Chase discussing recent HIPAA settlements due, at least in part, to a failure to properly encrypt PHI. One of the […]