Categories
Health Law Highlights

Wade’s Healthcare Privacy Advisor for November 20, 2024

Artificial Intelligence

Cybersecurity

Data Privacy

  • The FTC published an explainer on the use of Data Clean Rooms (DCRs), cloud services that enable data exchange and analysis between companies. While DCRs can offer privacy protections when configured correctly, they are not inherently privacy-preserving and can be used to obfuscate privacy harms. Companies should not rely on DCRs to avoid legal obligations regarding data privacy and should be held accountable for any violations, regardless of the technology used.
  • The healthcare industry is increasingly targeted by ransomware attacks, with notable incidents such as the Change Healthcare breach affecting nearly 100 million individuals. Healthcare organizations face complex decisions regarding whether to pay ransoms, balancing the need to minimize business disruption and protect sensitive data against the risks of legal liability, increased future targeting, and ethical concerns. Paying a ransom does not eliminate legal obligations to report breaches, and it may expose organizations to penalties if payments are made to sanctioned entities. The healthcare sector’s critical services and sensitive data make it a prime target, necessitating robust cybersecurity measures and comprehensive incident response strategies. Organizations must carefully evaluate their legal and strategic options to effectively manage ransomware risks.
  • Texas is emerging as a significant player in privacy regulation following the implementation of the Texas Privacy and Data Security Act (TPDSA) in July 2024 and the Texas Securing Children Online through Parental Empowerment (SCOPE) Act in September 2024. Texas Attorney General Ken Paxton has initiated a privacy and security enforcement initiative, establishing a dedicated team within the Consumer Protection Division to enforce these laws. Notable actions include a lawsuit against TikTok for allegedly violating the SCOPE Act by sharing minors’ personal information without parental consent, and a settlement with Meta under the Texas biometric law for unauthorized data capture. Additionally, over 100 companies were notified for failing to register as data brokers, and car manufacturers are under investigation for data collection practices. Businesses processing Texans’ personal information should ensure compliance with the TPDSA and other relevant privacy laws to avoid enforcement actions.
Categories
Health Law Highlights

Wade’s Health Law Highlights for November 19, 2024

Behavioral Health

  • Behavioral health is a rapidly growing area in the healthcare sector, but it faces significant operational and financial challenges as companies scale and investor interest increases. Behavioral health organizations need to adopt innovative strategies to improve operations and financial performance, often requiring external expertise to navigate these complexities. They highlight the importance of effective management, strategic planning, and maintaining a focus on patient care amidst financial pressures, such as rising costs and debt. The experts emphasize the need for organizations to communicate their mission clearly, engage employees, and ensure consistent quality of care. They also advise investors to assess management’s ability to respond to data, maintain a positive organizational culture, and manage financial metrics effectively.

Drug & Device

Equity & Equality

Fraud & Abuse

Intellectual Property

Mergers & Acquisitions

No Surprises Act

Ransomware

  • The healthcare industry is increasingly targeted by ransomware attacks, with notable incidents such as the Change Healthcare breach affecting nearly 100 million individuals. Healthcare organizations face complex decisions regarding whether to pay ransoms, balancing the need to minimize business disruption and protect sensitive data against the risks of legal liability, increased future targeting, and ethical concerns. Paying a ransom does not eliminate legal obligations to report breaches, and it may expose organizations to penalties if payments are made to sanctioned entities. The healthcare sector’s critical services and sensitive data make it a prime target, necessitating robust cybersecurity measures and comprehensive incident response strategies. Organizations must carefully evaluate their legal and strategic options to effectively manage ransomware risks.

Reproductive Rights

Telehealth

Categories
Health Law Highlights

Wade’s Healthcare Privacy Advisor for November 11, 2024

Blockchain

HIPAA & Cybersecurity

Ransomeware

Regulation

Tech and ACOs

Categories
Health Law Highlights

Wade’s Health Law Highlights for November 11, 2024

Fraud & Abuse

HIPAA & Cybersecurity

Hospice

Insulin Overpricing

Loper Bright

Med Spas

No Surprises Act

Physician Fee Schedule

Ransomeware

Skilled Nursing Facilities

Categories
Health Law Highlights

Wade’s Healthcare Privacy Advisor for November 6, 2024

Access & Privacy

AI Governance

AI Risk Management

Corporate Compliance

Cybersecurity

Growth & Innovation

Legislation

Categories
Health Law Highlights

Wade’s Health Law Highlights for November 5, 2024

Access & Privacy

Cryotheraphy

Fraud & Abuse

Gender-Affirming Care

HIPAA

Ransomware

Reimbursement

Telehealth

Categories
Health Law Highlights

Wade’s Healthcare Privacy Advisor for October 30, 2024

Navigating AI: A Quick Start Guide for Healthcare Professionals

To get started with AI in healthcare, clinicians should set clear goals, create a personalized learning roadmap, and identify essential resources. Understanding AI fundamentals, including programming skills, is crucial for effective collaboration and decision-making. Clinicians can enhance their knowledge and skills through formal education, online courses, and hands-on experience.

Clinician involvement in AI development is crucial, yet often inconsistent, necessitating a multidisciplinary approach to ensure trust and usability in clinical settings. Effective AI integration requires clinicians to understand AI basics, set learning goals, and engage in continuous education, including programming skills and AI model development. A structured learning approach, incorporating formal AI education into medical curricula, can enhance clinicians’ ability to innovate and apply AI tools effectively. Practical resources such as online courses, textbooks, and professional networks are essential for clinicians to gain AI proficiency.

Success in AI adoption involves setting clear milestones, leveraging low-code platforms for ease of use, and fostering collaboration with AI experts. Overall, AI offers significant opportunities for healthcare professionals to improve patient care and drive innovation through informed engagement and structured learning.

AI

Blockchain

  • The global “Blockchain Technology in Healthcare” market is projected to grow significantly, driven by its potential to enhance security, efficiency, and transparency in healthcare services. Blockchain technology offers secure storage of electronic health records, streamlines data management, and improves drug traceability. Recent developments highlight the ongoing integration of blockchain in healthcare, with companies like IBM and Patientory Inc. making strides in the field.

Data Breaches

Data Privacy

Cybersecurity

Health Data

Categories
Health Law Highlights

Wade’s Health Law Highlights for October 29, 2024

Eli Lilly Targets Compounding Kits

Eli Lilly has filed a lawsuit against Pivotal Peptides, a drug vendor in Washington state, accusing them of selling do-it-yourself kits for making knockoff versions of their weight-loss and diabetes drugs, Zepbound and Mounjaro.

Pivotal Peptides allegedly sold these kits without requiring a prescription or medical consultation, labeling the ingredients as “research chemicals” not intended for human use. The company ignored a cease-and-desist letter from Lilly and continued operations under a guise, using coded language to sell their products.

The lawsuit alleges serious safety issues, as these untested and non-pharmaceutical-grade drugs could be ordered by anyone.

Lilly’s legal actions are part of a broader effort to address the sale of illicit tirzepatide versions amid ongoing legal debates over compounded drug formulations.

The FDA had previously declared a shortage of tirzepatide, allowing licensed pharmacies to legally compound the drug, but is now reconsidering this decision following lawsuits from compounding pharmacies. Eli Lilly emphasizes the significant risks posed to patient safety by the sale of these unapproved and potentially harmful drugs.

Anti-Discrimination

  • The Department of Health and Human Services’ final rule implementing Section 1557 of the Affordable Care Act prohibits discrimination in healthcare and requires covered entities to appoint coordinators, post nondiscrimination notices, and implement policies and procedures by specific deadlines. Covered entities must also ensure patient care decision support tools are used non-discriminatorily and provide language assistance and auxiliary aids by May 1, 2025.

Blockchain

  • The global “Blockchain Technology in Healthcare” market is projected to grow significantly, driven by its potential to enhance security, efficiency, and transparency in healthcare services. Blockchain technology offers secure storage of electronic health records, streamlines data management, and improves drug traceability. Recent developments highlight the ongoing integration of blockchain in healthcare, with companies like IBM and Patientory Inc. making strides in the field.

Data Breaches

Health Data

HIPAA

Reproductive Health

Weight Loss

Categories
Health Law Highlights

Wade’s Healthcare Privacy Advisor

Legislation

Security Practices

LLMs

LItigaton

Online Tracking

Regulation

Threat Vector

Opinion

Categories
Health Law Highlights

Wade’s Health Law Highlights

Litigation

Security Standards

Quality of Care

Fraud & Abuse

Out-of-Network

Ransomware

Telemedicine

  • The Texas Medical Board has proposed new telemedicine regulations. The new rules would require a full license to provide telemedicine services, reaffirms that telemedicine services be performed in compliance with the Texas Occupations Code and the Medical Practice Act, and establishes requirements for prescribing for chronic pain via telemedicine.
  • The DEA is expected to extend telemedicine prescribing flexibilities for controlled substances through 2025, following pressure from Congress and the White House. Without an extension, the flexibilities that have increased access to healthcare for rural and underserved communities will expire, potentially leaving thousands of patients without access to critical medications. Stakeholders are urging the DEA to extend the flexibilities and create a taskforce to provide feedback on a new proposed rule for telemedicine prescribing of controlled substances.

CMS

M&A