Skip to main content
Keeping you afloat amidst the rising sea of regulations

Wait a Sec, I’ve Got a Text: CMS Clarifies Position Regarding Texting of Patient Information

On December 28, 2017, the Centers for Medicare and Medicaid Services (CMS) issued Survey and Certification Memorandum Number 18-10-ALL to the State Survey Agencies clarifying its position regarding texting health care information by providers. Such clarification was needed: CMS’s individual guidance about texting had been uneven in 2017, with reports that CMS informed some facilities that texting any patient information was prohibited.

FDA Ramps Up Transparency Initiative but Still Exploring Whether to Include CR Letters

On January 16, 2018, FDA Commissioner Scott Gottlieb, M.D., delivered a presentation, “Fostering Transparency to Improve Public Health” to the John Hopkins Bloomberg School of Public Health. In his presentation, Gottlieb provided a context for his vision of how transparency can be a “powerful tool for innovation,” discussing two new transparency-driven initiatives and one under consideration.

Time to Refine Your BAA - Don't Follow the Flock!

* The following alert was originally published in California Healthcare News (CHN). To read it on the CHN website, click here.

2017 Survey of Data Breach Notification Statutes

We are pleased to provide you with the new, 2017 version of the Arent Fox Survey of Data Breach Notification Statutes. This version updates the Survey that we created and circulated last year, including new statutes and amendments that have been enacted since August of 2016. This Survey focuses on the data breach notification statutes of the states and territories within the US, and should be a useful tool and guide for data security planning and response purposes for your company.

Bitcoin for Care: Healthcare Hopping on the Blockchain

* The following alert was originally published in California Healthcare News (CHN). To read it on the CHN website, click here.

OCR’s Quick-Response Checklist for Cyber Attacks Useful for Responding to Petya Ransomware Blitz

Earlier this year, ransomware known as Wannacry crippled Britain’s National Health Service and spread across the globe affecting many other organizations, large and small. Now, many organizations are grappling with a new onslaught caused by similar ransomware dubbed Petya.

Congress on Notice: Health Care Cybersecurity is in Critical Condition

Earlier this month, the Health Care Industry Cybersecurity Task Force sent to Congress the Report On Improving Cybersecurity in the Health Care Industry.

What’s in a Name? A HIPAA Violation: Texas Health System Settles with HHS for $2.4 Million

On May 10, 2017, the US Department of Health & Human Services (HHS) announced a settlement with Texas-based Memorial Hermann Health System (MHHS) for $2.4 million due to MHHS’s unauthorized disclosure of patient protected health information (PHI). HHS also announced that HHS and MHHS entered into a Resolution Agreement, and MHHS agreed to a corrective action plan. 

New Director, Same Direction for OCR HIPAA Enforcement

What’s New? On Monday, the US Department of Health & Human Services’ Office for Civil Rights announced that CardioNet has entered into a $2.5 million HIPAA settlement.