A recent decision from the Ninth Circuit Court of Appeals in DB Healthcare, LLC v. Blue Cross Blue Shield of Arizona, Inc., No. 14-16518, 2017 WL 1075050 (9th Cir. Mar. 22, 2017) reaffirms that health care providers are not health plan “beneficiaries” with the ability to sue under ERISA. Health care providers may sue under ERISA’s civil enforcement provisions only when armed with robust assignments of benefits and rights from patients and where the governing Plan documents do not prohibit assignments.
On March 27, 2017, Rachel Yount attended the Health Care Compliance Association’s Compliance Institute 2017, where Illiana Peters, a senior advisor at Health and Human Services, Office for Civil Rights (“OCR”), provided an “OCR Enforcement Update.”
A recent decision from the Fourth Circuit Court of Appeals in Beck v. McDonald, 848 F.3d 262 (4th Cir. 2017), adds to the list of circuit courts of appeal that have held that that the mere threat of future harm resulting from a data breach, without more, is insufficient to satisfy the injury-in-fact requirement for Article III standing.
In a Federal Register notice scheduled to be published on March 20, 2017, the Health Resources and Services Administration (HRSA) announced that it will delay the effective date of the January 5, 2017 final rule (the Final Rule) that provided guidance on the calculation of drug ceiling prices and the imposition of civil monetary penalties on certain drug manufacturers participating in the 340B Drug
In a report released on March 9, 2017, a National Academies of Sciences, Engineering, and Medicine committee concluded that the bioeconomy is growing rapidly and the US regulatory system needs to provide a balanced approach to the many competing interests that will arise in the face of the expansion.
In May 2018 - merely 14 months from now - the European Union’s (EU) General Data Protection Regulation (GDPR) will go into effect. Organizations established in the European Economic Area (EEA) are subject to the GDPR and must abide by its rules with respect to the collection, processing, and transfer of personal data.