The Texas Department of Licensing and Regulation adopted a rule for speech-language pathologists and audiologists confirming that direct and indirect supervision may be performed through tele-supervision and that in-person supervision is not required. This rule also allows a licensee providing telehealth services to provide proof of licensure to a requestor through the department’s online license search.
Summary of article from MassDevice, by Sean Whooley:
Profound Medical has received FDA 510(k) clearance for its second AI model, the Contouring Assistant, designed to treat prostate cancer. The Contouring Assistant is part of the company’s TULSA-Pro system, which uses transurethral ultrasound ablation (TULSA) to ablate diseased tissue in patients with various stages of prostate cancer, benign prostatic hyperplasia (BPH), or those requiring salvage therapy. The TULSA procedure uses real-time magnetic resonance guidance to preserve urinary continence and sexual function while targeting cancerous tissue. The newly cleared AI module uses machine learning to segment the prostate, aiding in the delineation of the target ablation volume. Profound Medical is also developing another TULSA-AI module, TULSA BPH, with more details expected later in 2024.
Summary of article from GovInfo Security, by Marianne Kolbasuk McGee:
Texas-based health plan administration services firm, WebTPA, is notifying over 2.4 million individuals about a hacking incident that occurred in 2023, which was detected in December of the same year. The breach potentially compromised personal data including names, contact information, birthdates, Social Security numbers, and insurance details. WebTPA has offered two years of free identity and credit monitoring services to those affected and has bolstered its network security. The delay in identifying and responding to the breach highlights the challenges organizations face in incident response and breach analysis. This incident is the third-largest breach reported in 2024 and emphasizes the increasing targeting of business associates that provide administrative services to health plans and other healthcare sector entities.
Summary of article from Wyrick Robbins Yates & Ponton LLP, by Lynn Percival IV:
In December 2021, the Federal Trade Commission (FTC) began a rulemaking process to update the Health Breach Notification Rule (HBNR), which mandates notice following a security breach of unsecured personal health records. The FTC has now finalized these updates, expanding the definition of a “breach of security” to include unauthorized uses and disclosures of health information. The updated rule also broadens the terms “personal health records” and “PHR identifiable health information,” potentially encompassing more websites, apps, and data repositories. The definition of “PHR related entity” has also been clarified, expanding the types of organizations subject to the rule. The updated rule will be effective 60 days after its publication in the Federal Register, with violations potentially resulting in significant civil penalties.
Summary of article from McDermott+Consulting, by Jeffrey Davis, Rachel Stauffer:
The article discusses the potential expiration of temporary Medicare waivers for telehealth services, which were instated during the COVID-19 pandemic and are set to expire by the end of 2024. Without further action from Congress, Medicare telehealth will revert to a rural-only benefit from 2025, and patients will have to visit an “originating” site to receive services. Congress is currently considering another extension, but the uncertainty is causing confusion among patients and providers. The Centers for Medicare & Medicaid Services (CMS) must establish payment policies for 2025, but the legislative uncertainty makes it challenging. Key issues include determining which telehealth services will be added to the Medicare list, the reimbursement rates for these services, the adoption of new telehealth codes, and decisions about other telehealth flexibilities.
Summary of article from Seyfarth Shaw LLP, by Kristina Launey, Leon Rodriguez:
Section 1557 of the Affordable Care Act prohibits discrimination in health programs receiving federal financial assistance. It has been subject to changes across different Presidential administrations since its inception in 2016. The latest regulations, effective from August 6, 2024, restore some repealed provisions and enhance nondiscrimination requirements. The Final Rule restores protections against discrimination based on sexual orientation, gender identity, disability, and religious objections, and expands its reach to include Medicare Part B providers, private insurance plans, and AI patient decision-making tools. It also mandates language assistance and accessibility services, and re-states federal protections for religious freedom and conscience.
Summary of article from The HIPAA Journal, by Steve Adler:
The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 mandates periodic audits of HIPAA-regulated entities by the Office for Civil Rights (OCR) to assess HIPAA compliance, with a focus on the HIPAA Security Rule. OCR has confirmed that audits will be conducted in 2024. The increasing rate and scale of data breaches suggest inadequate compliance with the HIPAA Security Rule among healthcare organizations. OCR aims to improve future audit programs and cybersecurity across the healthcare sector, with a particular focus on risk analysis and management provisions of the HIPAA Security Rule. OCR is working on an update to the HIPAA Security Rule, expected to be finalized by the end of the year, to reflect changes in technology and working practices, including the adoption of cloud technology, encryption, and multifactor authentication.
Summary of article from Manatt, Phelps & Phillips, LLP, by Dylan Carson, Harvey Rochman:
As artificial intelligence (AI) becomes more prevalent in the health care industry, there are growing concerns about potential anticompetitive conduct, including algorithmic price fixing. This issue was highlighted in a recent New York Times report alleging that certain health plans and administrators were using the same company’s algorithmic tools to set out-of-network rates, potentially leading to higher costs for patients. Antitrust enforcers argue that using the same AI systems to set prices could be seen as collusion and therefore a violation of antitrust laws. Health care companies are advised to closely monitor these developments and consider the potential legal risks associated with their use of AI.
Summary of article from King & Spalding, by Catherine Behnke:
The Department of Justice (DOJ) recently announced the establishment of a Health Care Monopolies and Collusion (HCMC) Task Force. This initiative is part of the Biden administration’s broader effort to enhance antitrust enforcement in the health care sector, including measures aimed at increasing transparency, promoting competition, and curbing corporate greed. The HCMC Task Force will identify and address monopolistic and collusive practices that contribute to rising health care costs and decreased quality of care. The Task Force will focus on issues such as payer-provider consolidation, serial acquisitions, labor and quality of care, medical billing, health care IT services, and misuse of health care data. The HCMC Task Force will include a multi-disciplinary team of civil and criminal prosecutors, economists, health care industry experts, technologists, data scientists, investigators, and policy advisors.
Summary of article from Nelson Hardiman, LLP, by Harry Nelson:
The U.S. healthcare system, driven by a complex mix of economic considerations, permits direct-to-consumer pharmaceutical advertising, unlike many other Western nations. However, this practice can lead to misleading claims and deceptive marketing, especially affecting vulnerable individuals. Recently, the Federal Trade Commission (FTC) has increased scrutiny on such practices, as evidenced by lawsuits against companies like AWAREmed and Rejuvika for misleading advertising. In 2024, the FTC also penalized telehealth providers, Cerebral and Monument, for violating confidentiality and misusing personal data. The FTC’s actions signal a shift towards protecting consumers from deceptive healthcare marketing practices.