Author: WadeEmmert

Categories
Health Law Highlights

Balancing Act: Industry Concerns Over CISA’s Proposed Cyber Incident Reporting Rule

Summary of article from Bradley Arant Boult Cummings LLP, by Sinan Pismisoglu, Eric Setterlund:

The proposed cyber incident reporting rule by the Cybersecurity and Infrastructure Security Agency (CISA) aims to enhance national cyber defenses but has raised concerns about its broad scope and potential overreporting, which could overwhelm CISA with low-value data. Industry groups, particularly in manufacturing and healthcare, worry about the rule’s impact, citing increased compliance burdens and potential disruptions. Recommendations to address these issues include narrowing the rule’s scope, harmonizing reporting mechanisms, providing support to smaller entities, and tailoring requirements to specific industry needs. The debate highlights the need for a balanced approach that strengthens cybersecurity while ensuring practical compliance for businesses. Collaboration between CISA and industry stakeholders is essential to refine the rule and achieve this balance.

Categories
Health Law Highlights

HSBC Venture Healthcare Report: 1H 2024

Summary of article from Foley & Lardner LLP, by Antoinette F. Konski:

Key findings include a reversal of the 2023 decline in Healthtech investments, stable Med Device investments driven by first-financing deals, and a notable 35% increase in Biopharma investments with significant private deals. The Dx/Tools sector saw a decline in first-financing deals but benefited from growth investors for companies nearing commercialization. Overall, the report highlights increased investment activity across all sectors, with heightened IPO interest and significant private M&A deals in Biopharma.

Categories
Health Law Highlights

The TDPSA: A New Sheriff in Town for Texas Data Controllers and Processors

Summary of article from  Vinson & Elkins LLP, by Maggie Eller, Briana Falcon, Jeffrey Johnston, Michael Kurzer:

The Texas Data Privacy and Security Act (TDPSA), effective from July 1, 2024, mandates compliance from businesses operating in Texas or providing products/services to Texas residents, excluding small businesses and specific entities like state agencies and nonprofits. It defines consumer rights, responsibilities for data controllers and processors, and includes stringent requirements for handling personal and sensitive data. Sensitive data encompasses information such as race, health diagnoses, and biometric data, while certain healthcare and employment-related data are exempt. Organizations must conduct data protection assessments, update privacy policies, and establish systems for consumer rights compliance. Ensuring data security through administrative, technical, and physical measures is also emphasized.

Categories
Health Law Highlights

Does HIPAA Apply to Veterinarians?

Summary of article from The HIPAA Journal, by Steve Adler:

HIPAA does not apply to veterinarians because they do not conduct electronic healthcare transactions for which the Department of Health and Human Services has adopted standards, thus not qualifying as HIPAA covered entities. However, veterinarians are subject to various state-level data privacy and breach notification laws that resemble HIPAA regulations. For instance, California law prohibits the unauthorized disclosure of information concerning animal patients and their owners, with specific exceptions. Additionally, veterinarians handling data of EU citizens must comply with the GDPR. The American Veterinary Medical Association (AVMA) provides guidelines to help veterinarians navigate these diverse data privacy regulations.

Categories
Health Law Highlights

The Impact of the EU AI Act on the Healthcare Sector

Summary of article from DataGuidance, by Michael Borrelli:

The EU AI Act aims to regulate AI systems within the EU, categorizing them by risk levels and imposing stringent requirements on high-risk systems, particularly in healthcare. This legislation emphasizes transparency, accountability, and ethical considerations to ensure AI technologies are safe and trustworthy. High-risk AI systems in healthcare must meet rigorous standards for risk management, data quality, transparency, human oversight, and post-market monitoring. While compliance presents challenges, the Act fosters innovation and aims to improve healthcare outcomes and patient safety. Overall, the EU AI Act is pivotal in shaping the ethical deployment of AI in healthcare.

Categories
Health Law Highlights

No Surprises Act Implementation Faces Challenges

Summary of article from Proskauer Rose LLP, by D. Austin Rettew, Vinay Kohli:

Two district courts have issued conflicting rulings on the enforceability of arbitration awards under the No Surprises Act (NSA), highlighting ongoing challenges in its implementation. The NSA, enacted in 2020, aims to protect patients from unexpected medical bills by capping out-of-network charges at median in-network rates and establishing a mandatory dispute resolution process. The New Jersey District Court ruled that the Federal Arbitration Act (FAA) applies to enforce NSA awards, while the Texas District Court concluded that the FAA does not provide such a mechanism. The Texas ruling is being appealed, and additional NSA-related regulations and legal challenges are pending. Health care providers should seek expert legal advice to navigate this complex and evolving regulatory landscape.

Categories
Health Law Highlights

You Can’t Surf With a Ventilator. The Problems with AI in Health Care, and Some Solutions

Summary of article from California Health Report, by Jennifer McLelland:

The author tested three major AI chatbots—Google Gemini, Meta Llama 3, and ChatGPT—on medical questions to evaluate their accuracy, finding that their responses were often incorrect or misleading. This raises concerns about AI’s potential to spread harmful misinformation, especially for families seeking information on rare medical conditions. The author argues that while AI promises simple solutions, the complex needs of children with special health care requirements necessitate increased funding for human providers who can offer personalized, accurate guidance. Furthermore, the use of AI in health insurance decisions could perpetuate existing disparities and biases in the healthcare system. The author advocates for legislative oversight and more substantial investment in human resources to ensure equitable and reliable healthcare.

Categories
Health Law Highlights

HHS and FBI Release Joint Cybersecurity Advisory Statement for Healthcare Providers

Summary of article from Morgan Lewis, by Amy M. Magnano, Michael J. Madderra, Roshni Edalur:

The Department of Health and Human Services (HHS) and the Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory (CSA) to alert healthcare providers about phishing attacks and the associated tactics used by threat actors. The advisory emphasizes the importance of updating security measures, including the implementation of multi-factor authentication and enhanced IT Help Desk training to combat social engineering attacks. It also recommends securing remote access tools and testing security programs against outlined threat behaviors. The CSA provides specific indicators of compromise and suggests proactive steps to mitigate risks. Morgan Lewis offers guidance and best practices to help healthcare entities navigate these cybersecurity challenges.

Categories
Health Law Highlights

Pharmacies and Pharmacists in the Crosshairs: DOJ’s $408 million Settlement with Rite Aid

Summary of article from Woods Rogers, by Justin Lugar:

The Department of Justice (DOJ) announced a $408 million settlement with Rite Aid and its affiliates over allegations of violating the Controlled Substances Act (CSA) and the False Claims Act (FCA) by filling unnecessary opioid prescriptions. This settlement underscores the DOJ’s commitment to enforcing pharmacists’ responsibilities to ensure prescriptions are issued for legitimate medical purposes. Recent enforcement actions, including significant penalties against various pharmacies and individuals, highlight the increasing scrutiny and accountability faced by pharmacists and pharmacies. The DOJ, alongside the DEA, is utilizing predictive analytics and state monitoring programs to intensify these actions. Pharmacies must now be more vigilant in adhering to CSA regulations to avoid severe penalties and legal consequences.

Categories
Health Law Highlights

The Promise Artificial Intelligence Holds for Improving Health Care

Summary of blog post from FDA, by Troy Tazbaz:

The FDA emphasizes the importance of integrating AI responsibly, ensuring safety and effectiveness through collaboration and adherence to standards and best practices. Key strategies include adopting risk management frameworks, quality assurance practices, and maintaining transparency and accountability throughout the AI development lifecycle. Grassroots efforts and federal initiatives are contributing to the establishment of best practices for AI quality assurance in health care. The FDA’s Digital Health Center of Excellence (DHCoE) remains open to feedback and collaboration to advance AI in health care.