Publications

The Medicare program provides for payment to critical access hospitals (CAHs) of their reasonable cost-based facility services.  It also allows CAHs to elect the Optional Payment Method (Method II) which additionally pays professional services at 115% of the physician fee schedule.  If a CAH elects the Optional Payment Method, physicians […]

If the first eight months of the new administration are an indicator, HIPAA Security Rule compliance and enforcement will remain a key priority for the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) and other regulatory agencies.  Many commentators point to the current state of the […]

Every state, several federal agencies, and even territories of the United States have data breach notification statutes. The definition of what constitutes a data breach usually involves the terms “access” or “acquisition” of data. The terms have distinct meaning, but the definition of “acquisition” has slowly changed with guidance and […]

On August 7, President Trump signed an Executive Order (the “Order”) aimed at financial institutions and intended to prevent unlawful “debanking,” which the order defines as denying an individual access to financial services based on the individual’s constitutionally protected beliefs, affiliates, or political views. The Order requires that any decision […]

By paring back on the broad entity level GLBA exemption, Montana and Connecticut have joined California, Minnesota, and Oregon as states that do not include a broad entity level GLBA financial institution exemption within their respective consumer data privacy laws. Montana On May 8, Montana Governor Greg Gianforte signed Senate […]