Author: WadeEmmert

Categories
Health Law Highlights

Kaiser Permanente Notifying 13.4 Million of Tracker Breach

Summary of article from Gov Info Security, by Marianne Kolbasuk McGee:

Kaiser Foundation Health Plan reported a data breach affecting 13.4 million individuals due to unauthorized access/disclosure from its previous use of online tracking technologies on its websites and mobile applications. Personal information potentially transmitted to third-party vendors like Google, Microsoft Bing, and Twitter includes IP addresses, names, account sign-in information, website navigation data, and search terms. No sensitive information like usernames, passwords, Social Security numbers, or financial account details were disclosed. Kaiser Permanente has since removed these online technologies and implemented measures to prevent such incidents in future. Despite no known misuse of the personal information, the organization will notify affected individuals directly in May out of caution.

Categories
Health Law Highlights

DOJ Releases 2024 COVID-19 Fraud Enforcement Task Force Report

Summary of article from Morrison Foerster, by Adam Braverman, Kate Driscoll, Kamran Jamil, Brian Kidd, Nathaniel Mendell:

The U.S. Department of Justice (DOJ) has released a comprehensive report on the COVID-19 Fraud Enforcement Task Force, calling for an extension of the statute of limitations for pandemic fraud-related offenses and increased funding for investigations and prosecutions. Since May 2021, the Task Force has charged over 3,500 defendants, recovered more than $1.4 billion in government funds, and filed over 400 civil suits. The report highlights cases involving False Claims Act liability, primarily related to the Small Business Administration’s Paycheck Protection Program (PPP), Economic Injury Disaster Loans (EIDL), and COVID-19 testing claims. The DOJ is seeking to establish a permanent interagency body to combat government benefits fraud. The report also calls for legislation to extend time limits for charging pandemic-related fraud cases and further resource fraud investigations.

Categories
Health Law Highlights

A Regulatory Roadmap to AI and Privacy

Summary of article from IAPP, by Daniel Solove:

There is a complex relationship between AI and privacy. AI-related privacy issues are often extensions of existing digital privacy problems. Privacy law reform must address digital privacy holistically, not just in the context of AI. AI creates implicates privacy concerns in data collection and processing, decision-making, and data analysis. Current privacy laws are inadequate in handling these issues. AI also presents difficulties in oversight, participation, and accountability. Effective reform must include transparency, due process, and stakeholder involvement. Comprehensive overhaul of existing privacy laws needed to effectively regulate AI’s impact on privacy.

Categories
Health Law Highlights

Three Women Contract HIV From Dirty “Vampire Facials” at Unlicensed Med Spa

Summary of article from Ars Technica, by Beth Mole:

Unlicensed cosmetic procedures at a med spa have been linked to an outbreak of HIV, marking the first time cosmetic treatments have been associated with such an outbreak. At least three women who underwent “vampire facials”, a treatment involving the injection of a patient’s own platelet-rich plasma into their face, at the unregulated VIP Spa, tested positive for HIV. The spa, which had poor hygiene standards and reused disposable equipment, was shut down in 2018 and the owner was later convicted for practicing medicine without a license. Investigators tested nearly 200 other spa clients for HIV and found a total of five infections linked to the facility. The report highlights the importance of identifying potential novel sources of HIV transmission among people with no known risk factors.

Categories
Alert

Feds Launch Website for Reporting of Health Care Anticompetitive Practices

On April 18, 2024, the Federal Trade Commission (FTC), U.S. Department of Justice (DOJ), and U.S. Department of Health and Human Services (HHS) launched a public web portal for reporting anticompetitive practices in the health care sector. The portal, www.healthycompetition.gov, allows anyone to submit complaints about potential anticompetitive conduct in the healthcare industry. The portal provides information about federal laws ensuring healthy competition and examples of conduct that can harm competition in healthcare. The agencies have not limited the sources of reports, implying a wide scope for potential informants, from the general public to industry insiders. The launch of this portal necessitates increased vigilance from healthcare entities, as any information could potentially trigger an investigation by the FTC or DOJ.

Categories
Alert

HHS Issues New Rule to Support Reproductive Health Care Privacy Under HIPAA

The Biden-Harris Administration has announced a Final Rule through the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) to enhance the HIPAA Privacy Rule and protect reproductive health care privacy. This rule prohibits the disclosure of protected health information (PHI) related to lawful reproductive health care under certain conditions. The rule was issued in response to community feedback for better patient confidentiality and to prevent misuse of medical records related to reproductive health care. The rule mandates regulated health care providers and organizations to modify their Notice of Privacy Practices and obtain a signed attestation for certain requests for PHI related to reproductive health care. The current HIPAA Privacy Rule remains in effect until the new rule is implemented.

Categories
Health Law Highlights

FTC Bans Noncompete Clauses, Declares Vast Majority Unenforceable

Summary of article from Ars Technica, by Jon Brodkin:

The Federal Trade Commission (FTC) has issued a final rule banning noncompete clauses, rendering most existing clauses unenforceable, citing that they are an unfair method of competition and a violation of Section 5 of the FTC Act. The rule will take effect 120 days after its publication in the Federal Register, affecting approximately 30 million US workers currently bound by such clauses. The rule will not apply to senior executives, defined as those earning more than $151,164 annually and in policy-making positions. The FTC argues that noncompete clauses suppress wages, innovation, and economic dynamism, and believes businesses can protect trade secrets through other means like nondisclosure agreements. The US Chamber of Commerce intends to sue the FTC, claiming the rule undermines the competitiveness of American businesses.

Categories
Around the Web

Clinic Owner Sent to Prison for Orchestrating $15M Medicare Fraud and Kickback Scheme

Gwendolyn Gibbs, the owner of the Houston-based Daybreak Rehabilitation Center, has been sentenced to 84 months in federal prison and ordered to pay $8.68 million in restitution to Medicare for conspiracy to commit healthcare fraud. Gibbs fraudulently billed Medicare for unnecessary mental health services provided to vulnerable adults with intellectual disabilities. From 2007 to 2016, she submitted fraudulent claims for partial hospitalization program (PHP) services, falsified medical records, and paid kickbacks for patient referrals. Charles Guidry Jr., a manager at Daybreak and Gibbs’ ex-husband, was previously sentenced to 70 months imprisonment for his involvement. Gibbs will remain in custody until her transfer to a U.S. Bureau of Prisons facility. Source: Press Release.

Categories
Health Law Highlights

Artificial Intelligence Highlights from FTC’s 2024 PrivacyCon

Summary of article from Sheppard Mullin Richter & Hampton LLP, by Carolyn Metnick, Gianfranco Spinelli:

PrivacyCon’s takeaways for healthcare organizations highlighted key considerations for the use of AI in healthcare, focusing on privacy themes, Large Language Models (LLMs), and AI functionality. The study identified four privacy concerns: potential for data misuse, personal nature of data, lack of awareness and consent in data collection, and surveillance by the government. It also highlighted security, privacy, and safety concerns in LLM platforms, particularly with third-party applications, urging developers to prioritize these aspects. The fallacy of AI functionality, where users trust AI blindly without data validation, was identified as a major issue, especially in healthcare where it can lead to misdiagnosis. The post concluded by emphasizing the need for healthcare organizations to establish governance and compliance committees to address these complex challenges and facilitate responsible AI development with privacy and ethical considerations in mind.

Categories
Health Law Highlights

Houston Clinic Owner Sentenced for Healthcare Fraud Scheme

Summary of article from mytexasdaily.com:

Gwendolyn Gibbs, the 72-year-old owner of a Houston-based mental health clinic, has been sentenced to seven years in federal prison for a healthcare fraud scheme. Gibbs pleaded guilty to conspiracy to commit healthcare fraud in December 2021 and was ordered to pay over $8.6 million in restitution to Medicare. The court found that Gibbs had fraudulently billed Medicare for services provided to adults with intellectual disabilities who did not require mental health services, from 2007 to 2016. She admitted to falsifying medical records and paying kickbacks for patient referrals. The case was investigated by multiple agencies, including the FBI and the Department of Health and Human Services.