HIPAA, Privacy, and Risk Management

Garfunkel Wild’s HIPAA, Privacy, and Risk Management Practice Group assists health care providers, insurance plans and their vendors (e.g., Independent Practice Associations, billing and software companies, Health Information Exchanges) in preparing for, and addressing, complex regulatory and operational issues.  Our objective is to assist our clients in implementing programs to avoid government interventions, and to support our clients when surveys, investigations, and settlement demands by federal and state regulatory and accreditation agencies occur.

HIPAA and Privacy

Information has become the foundation of providing quality health care, and therefore, a significant focus of health care providers and their vendors.  The Health Insurance Portability and Accountability Act of 1996 (HIPAA) as amended by the Health Information Technology for Economic and Clinical Health Act (HITECH) establishes – at a national level – the minimum requirements for protecting and ensuring the availability of patient information.  Other federal and state laws and regulations, however, add additional requirements for certain types of information and technology.  Garfunkel Wild has mastered this ever-changing and complex regulatory landscape and has assisted clients in:

  • Assessing and implementing HIPAA privacy and security compliance plans, including model policies/forms and training in a manner that also includes consideration of state requirements and accreditation standards
  • Responding to breaches of confidentiality of unsecured patient information including patient, federal and state notifications
  • Preparing responses to investigations by the Federal Department of Health and Human Services, Office of Civil Rights (OCR), and similar state agencies;
  • Defending entities in governmental investigations/actions and private causes of action for alleged federal and state privacy violations
  • Identifying appropriate strategies to allow for sharing of patient information for operational purposes (e.g., quality assurance, value based programs, research)
  • Negotiating business associate agreements
  • Implementing procedures to avoid allegations of Information Blocking
  • Responding to federal and state subpoenas and other discovery requests involving protected health and other patient-identifying information

Our HIPAA and Privacy team can assist in addressing all of the challenges of protecting patient information, while allowing for appropriate use and sharing of such information to improve and develop our clients’ health care services.

Risk Management

Health care providers are faced with a plethora of regulatory and litigation concerns; more so than most industries.   Garfunkel Wild has a deep understanding of the risks that our clients face, and assists our clients and their clinical leadership to navigate these regulatory complexities. Our Risk Management team has extensive experience in:

  • Preparing plans of correction to address findings identified by the Center for Medicare and Medicaid Services (CMS), state departments of health and the Joint Commission
  • Drafting Medical Staff Bylaws
  • Preparing admission forms and informed consents for operative procedures, off label use of medications and other unique treatment scenarios
  • Providing guidance and counsel to address professional misconduct and abuse reporting situations, as well as internal disciplinary decisions regarding licensed health care professionals
  • Implementing quality assurance and performance improvement programs, including consideration of applicable privileges and immunities
  • Drafting policies and procedures to address regulatory and accreditation requirements
  • Assisting providers across the healthcare spectrum through multifaceted licensure processes (e.g., laboratory permits and CLIA certification, radiology permits, pharmacy licenses, pharmaceutical wholesaler and manufacturing registrations)
  • Providing comprehensive review of regulatory compliance for merger and acquisition transactions

Our Risk Management team is standing by to assist our clients in taking the steps necessary to protect against unintended mishaps, and to address incidents if they occur.

Practice Group Contacts

Featured Image

Stacey L. Gulick

Partner
516-393-2264

Team

Featured Image

Lara Jean Ancona

Partner/Director
516-393-2245
Featured Image

Barry B. Cepelewicz M.D. Esq.

Partner/Director
203-316-0483
Featured Image

Andrew E. Blustein

Chairman
516-393-2218
Featured Image

Kathleen M. Brown

Senior Attorney
518-560-4023
Featured Image

Zachary B. Cohen

Partner
203-399-0500
Featured Image

Taras M. Czebiniak

Senior Attorney
516-393-2586
Featured Image

Judith A. Eisen

Partner/Director
516-393-2220
Featured Image

Kimberly Kempton-Serra

Partner
201-518-3403
Featured Image

Barbara D. Knothe

Partner
516-393-2219
Featured Image

Eve Green Koopersmith

Of Counsel
516-393-2282
Featured Image

Terence A. Russo

Partner/Director
516-393-2271
Featured Image

Manish I. Shah

Partner
516-393-2503

December 11, 2024|Alerts

New DOJ Report: Providers Beware

Last week, the U.S. Department of Justice (DOJ) and the U.S. Department of Health and Human Services (HHS) released its annual, jointly authored Health Care Fraud and Abuse Control Program Report (the Report) for Fiscal Year 2023. 

December 11, 2024|Alerts

New OIG Priorities Emerge in Report

The U.S. Department of Health and Human Services (HHS), Office of Inspector General (OIG) released its Semiannual Report (SAR) to Congress on December 4, 2024.

November 21, 2024|Alerts

OIG Highlights New Concerns

This week, the U.S. Department of Health and Human Services (“HHS”), Office of Inspector General (“OIG”) fulfilled its annual statutory obligation by releasing its 2024 Top Management and Performance Challenges Report (the “Report”). Historically, the Report has not attracted widespread interest in the provider community because it largely focuses on HHS operational challenges. Importantly for providers and other stakeholders, however, the Report reveals crucial insights about compliance priorities for the year ahead.

September 19, 2024|Alerts

Update on Change Healthcare Class Action Litigation

The cybersecurity attack on Change Healthcare (“Change”), a subsidiary of the UnitedHealth Group, has caused widespread disruption, impacting health care providers and individuals whose personal data was compromised. This breach has led to numerous class action lawsuits, divided into two main groups: providers affected by the claims processing shutdown and individuals whose data was leaked. In June 2024, approximately 50 lawsuits were centralized into a Multi-District Litigation (MDL) in federal court in Minnesota. On September 17, 2024, the first conference in the matter occurred. As the litigation progresses, motions to dismiss, potential mediation, and class certification are expected to shape the case.

September 3, 2024|Alerts

HHS Withdraws Its Appeal of Tracking Technologies Decision

On August 29, 2024, the Federal Department of Health and Human Services (“HHS”) withdrew its appeal of a federal court decision that invalidated certain aspects of HHS guidance regarding the use of tracking technologies (e.g., pixels that collect data on website usage to create directed marketing campaigns).

August 14, 2024|Alerts

Is Your NJ Patient Safety Committee Protected by a Privilege?

In a recent ruling, the New Jersey Supreme Court concluded that the “self-critical analysis” privilege under the Patient Safety Act (“PSA”) and its implementing regulations can only be applicable if the information sought was generated for purposes of an independent patient safety committee that is created solely for the purposes of the PSA (i.e., the information […]

June 24, 2024|Alerts

OIG Greenlights Gene Therapy Assistance Program

The U.S. Department of Health and Human Services, Office of Inspector General (OIG) posted a favorable Advisory Opinion (24-03) permitting a pharmaceutical manufacturer (Manufacturer) to provide financial assistance  to qualified patients undergoing its gene therapy treatment for two severe genetic conditions.

June 6, 2024|Alerts

OIG Report Highlights Enforcement Priorities

The U.S. Department of Health and Human Services (HHS), Office of Inspector General (OIG) released its revamped Semiannual Report (SAR) on June 3, 2024.  The SAR’s new format focuses on the oversight work OIG completed during the reporting period, and emphasizes how this work directly addresses the Top Management Challenges Facing HHS. 

May 20, 2024|Alerts

Telehealth Update: NY Proposes Controlled Substance Prescribing, Waiting on DEA

On May 15, 2024, the New York State Department of Health (DOH) announced a pivotal change in its regulations, as it intends to permit health care providers to use telemedicine to conduct patient evaluations before prescribing controlled substances. Prior to the COVID-19 pandemic, DOH required health care providers to perform an initial in-person physical evaluation of patients before prescribing controlled substances.

May 8, 2024|Alerts

HIPAA Amendment Bolsters Privacy for Reproductive & Substance Use Disorder Care

The HIPAA Privacy Rule to Support Reproductive Health Care Privacy was recently announced as a final rule that becomes effective on June 25, 2024 (the “Final Rule”).  

May 1, 2024|Events

Be Prepared! NYS OMIG’s 2024 Work Plan Provides an Audit Roadmap for Health Care Providers of All Types

Garfunkel’s Compliance Webinar Series rolls on with an examination of the 2024 Work Plan published by the New York State Office of Medicaid Inspector General (OMIG).  

April 25, 2024|Alerts

FTC Bans Non-Competes Across the Nation

On Tuesday, April 23, 2024, the Federal Trade Commission (FTC) promulgated a final rule banning most non-compete agreements, in any industry, and is set to become effective 120 days after its publication in the Federal Register (the “Final Rule”).

April 16, 2024|Events

Cybersecurity – It’s More Than HIPAA: NY Regulatory Refresher for 2024

Join the health care professionals of Garfunkel Wild and Withum as they dive into the technical, legal, and financial steps you will need to take to come into compliance with the new cybersecurity regulations for New York hospitals.

March 13, 2024|Alerts

CMS Announces Payment Program for Providers Impacted by Change Healthcare Cyberattack

On March 9, 2024, CMS announced it will make available Change Healthcare/Optum Payment Disruption accelerated payments to providers experiencing potentially significant cash-flow problems as a result of the cyberattack on UnitedHealth Group’s subsidiary Change Healthcare/Optum .

January 30, 2024|Alerts

New York OMIG Updates Self-Disclosure Guidance

The New York State Office of the Medicaid Inspector General (OMIG) recently updated its Self-Disclosure Guidance and Frequently Asked Questions (collectively, “Updates”). These Updates give participating providers and entities additional insight into how to report overpayments involving unresponsive Medicaid Managed Care Organizations (MMCOs) or multiple entities, as well as those that are untimely, have adjusted or voided claims, or lost or damaged records. 

January 17, 2024|Alerts

OMIG’s 2024 Work Plan Gives Critical Insights into Program Integrity Initiatives

The New York State Office of the Medicaid Inspector General (OMIG) released its 2024 work plan in furtherance of its mission to coordinate and conduct activities to prevent, detect and investigate medical assistance program fraud, waste and abuse, and to recover improperly expended Medicaid funds.  

December 21, 2023|Alerts

More Provider “Nuggets” From OIG’s Year-End Reporting Blitz

Continuing its year-end reporting blitz, the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) released its Semiannual Report (SAR) to Congress on December 1, 2023. 

December 4, 2023|Alerts

Updates on Tracking Technologies and Information Blocking

As we have noted in a previous Garfunkel Wild alert, the Department of Health and Human Services (“DHHS”) Office of Civil Rights (‘OCR”) published guidance regarding the use of tracking technologies (i.e., technologies that collect and analyze information about how users interact with websites and mobile applications). 

November 30, 2023|Alerts

DOJ/HHS Jointly Release “Highlight Reel” Report

This week, the United States Department of Justice (DOJ) and the United States Department of Health and Human Services (HHS) fulfilled its annual statutory obligation by releasing its jointly-authored Health Care Fraud and Abuse Control Program (HCFAC) Report for Fiscal Year 2022.

November 29, 2023|Alerts

Flurry of Activity Around Patient Information Impacting New York Providers

In the last few months of 2023, there has been a flurry of legal activity pertaining to the use, disclosure, and protection of health information.  Here is a summary of the latest legal initiatives impacting New York providers.

November 14, 2023|Publications

HIPAA Risks That You Might Not Have Expected

In this article published in the New York City Pharmacists Society Newsletter, Stacey Gulick highlights some of most significant, and perhaps unexpected, issues that must be addressed by pharmacists in their ongoing HIPAA compliance efforts. 

November 7, 2023|Alerts

OIG Releases New General Compliance Program Reference Guide

On November 6, 2023, the OIG released its General Compliance Program Guidance, the first in a series of new, non-binding reference guides designed to share information with health care compliance professionals and other health care industry stakeholders

August 2, 2023|Events

FQHC Lessons Learned from the Field: Tips to Avoid OSV Non-Compliance

Join Garfunkel Wild’s attorneys as they discuss the OSV process, highlight the areas HRSA reviewers consider, and impart meaningful tips on how FQHCs can be in compliance.

March 24, 2023|Alerts

Provider Warning: Avoid Fake DEA Agents

Scammers have perpetuated a telephone fraud scheme attempting to extort money and personal identifiable information from healthcare providers by impersonating Drug Enforcement Administration (“DEA”) agents across the country.

January 27, 2023|Podcasts

Health Information Technology Podcast – Termination and Transition Periods

Garfunkel Wild's Health Care Information and Technology Practice Group's Podcast Series "Health Information Technology Podcast- Termination and Transition Periods".

December 15, 2022|Alerts

Online Tracking Technologies Can Lead to HIPAA Violations

The Department of Health and Human Services, Office of Civil Rights (“OCR”) has published a Bulletin which officially states that incorporating certain tracking technologies into websites and mobile applications may cause HIPAA violations that could result in breach notification obligations as well as penalties. This includes platforms and services provided by companies like Meta (formerly Facebook) and Google.

April 26, 2021|Alerts

Beware: HIPAA Compliance Scam

Earlier today, the United States Health and Human Services Office for Civil Rights (“OCR”) issued an alert concerning fraudulent postcards sent to health care organizations claiming to be official communications from OCR.

April 21, 2021|Events

Long Island Health Information Management Association John W. Ruth Annual Membership Conference

Robert Del Giorno will present at the Long Island Health Information Management Association John W. Ruth Annual Membership Conference on April 21, 2021.

April 8, 2021|Events

MSNJ Webinar- Review of 2021 E/M Guideline Changes and Information Blocking New Rules

Garfunkel Wild’s Terence Russo and Garfunkel Health Advisors will present at the Medical Society of New Jersey (MSNJ) Webinar – Review of 2021 E/M Guideline Changes and Information Blocking New Rules.

December 11, 2020|Alerts

OIG Issues Important New And Revised Safe Harbors

The United States Department of Health and Human Services (“HHS”), Office of Inspector General (“OIG”) recently issued an important final rule (the “Final Rule”) that makes significant changes to existing “Safe Harbors” under the Federal Anti-kickback Statue (“AKS”) and that adds new Safe Harbors that provide protection from AKS sanctions for certain types of arrangements.

April 27, 2020|Alerts

Confidentiality of Medical Information During the COVID-19 Crisis

The Equal Employment Opportunity Commission has issued new guidance for workplaces, dated April 17, 2020, as they start the process of preparing for the impending re-opening of their entities in the face of the Covid-19 pandemic.

March 19, 2020|Events

Garfunkel Wild Webinar – Implementing and Expanding Telehealth to Address COVID-19

Garfunkel Wild Partner/Director Debra A. Silverman and Partners Stacey L. Gulick and Sandra M. Jensen will present the webinar “Implementing and Expanding Telehealth to Address COVID-19” on March 19, 2020.

February 14, 2020|Events

2nd Annual Center for Health Education, Medicine, & Dentistry (CHEMED) Conference on Medicine & Ethics

Garfunkel Wild will present at the 2nd Annual Center for Health Education, Medicine, & Dentistry (CHEMED) Conference on Medicine & Ethics on February 14, 2020.

February 14, 2020|Alerts

Deadline for Reporting 2019 HIPAA Breaches is Approaching

As most of you are aware, all 2019 HIPAA security breaches affecting less than 500 individuals must be reported by covered entities (e.g., providers and health plans) to the Federal Department of Health and Human Services, Office of Civil Rights (“OCR”) prior to February 28, 2020. 

January 15, 2020|Events

Greater New York Hospital Association (GNYHA) Webinar – Clinical Trial Agreements

Lara Jean Ancona will present at the Greater New York Hospital Association’s (GNYHA) Webinar – Clinical Trial Agreements on January 15, 2020.

November 7, 2019|Events

Nassau County Bar Association’s Hospital & Health Law Committee Meeting

Stacey L. Gulick will present at the Nassau County Bar Association’s Hospital & Health Law Committee Meeting on November 7, 2019. 

October 23, 2019|Alerts

Compliance with the New York Shield Act

he New York SHIELD Act has gone into effect today (October 23, 2019) and entities that maintain electronic information regarding New York residents will need to ensure compliance. 

September 26, 2019|Events

Monroe County Medical Society Webinar Survival: HIPAA Webinar

Stacey Gulick will present at Monroe County Medical Society Webinar Survival Series: HIPAA Webinar on September 26, 2019.

August 21, 2019|Alerts

New York Shield Act Modifies Breach Notification Requirements

On October 23, 2019, the Stop Hacks and Improve Electric Data Security (“SHIELD”) Act goes into effect and significantly modifies the existing New York State breach notification requirements, including the addition of new requirements for covered entities (e.g., all health care providers and health plans) to report HIPAA breaches to the New York State Attorney General, as well as the Federal Department of Health and Human Services, Office of Civil Rights (“OCR”).

March 6, 2019|Events

Fairfield County Medical Association’s Webinar– Creating a Medical Record that Protects Your Patients, Your Practice and You

Barry B. Cepelewicz will present at the Fairfield County Medical Association’s Webinar – Creating a Medical Record that Protects Your Patients, Your Practice & You – March 6, 2019.

October 21, 2019|Media Mentions

Kimberly Kempton-Serra Quoted In ASC Focus Article Entitled “Set Up A Compliant Patient Transportation Service” October 2019

Kimberly Kempton-Serra Quoted In ASC Focus Article Entitled “Set Up A Compliant Patient Transportation Service” October 2019

Garfunkel Wild’s HIPAA, Privacy, and Risk Management Practice Group assists health care providers, insurance plans and their vendors (e.g., Independent Practice Associations, billing and software companies, Health Information Exchanges) in preparing for, and addressing, complex regulatory and operational issues.  Our objective is to assist our clients in implementing programs to avoid government interventions, and to support our clients when surveys, investigations, and settlement demands by federal and state regulatory and accreditation agencies occur.

HIPAA and Privacy

Information has become the foundation of providing quality health care, and therefore, a significant focus of health care providers and their vendors.  The Health Insurance Portability and Accountability Act of 1996 (HIPAA) as amended by the Health Information Technology for Economic and Clinical Health Act (HITECH) establishes – at a national level – the minimum requirements for protecting and ensuring the availability of patient information.  Other federal and state laws and regulations, however, add additional requirements for certain types of information and technology.  Garfunkel Wild has mastered this ever-changing and complex regulatory landscape and has assisted clients in:

  • Assessing and implementing HIPAA privacy and security compliance plans, including model policies/forms and training in a manner that also includes consideration of state requirements and accreditation standards
  • Responding to breaches of confidentiality of unsecured patient information including patient, federal and state notifications
  • Preparing responses to investigations by the Federal Department of Health and Human Services, Office of Civil Rights (OCR), and similar state agencies;
  • Defending entities in governmental investigations/actions and private causes of action for alleged federal and state privacy violations
  • Identifying appropriate strategies to allow for sharing of patient information for operational purposes (e.g., quality assurance, value based programs, research)
  • Negotiating business associate agreements
  • Implementing procedures to avoid allegations of Information Blocking
  • Responding to federal and state subpoenas and other discovery requests involving protected health and other patient-identifying information

Our HIPAA and Privacy team can assist in addressing all of the challenges of protecting patient information, while allowing for appropriate use and sharing of such information to improve and develop our clients’ health care services.

Risk Management

Health care providers are faced with a plethora of regulatory and litigation concerns; more so than most industries.   Garfunkel Wild has a deep understanding of the risks that our clients face, and assists our clients and their clinical leadership to navigate these regulatory complexities. Our Risk Management team has extensive experience in:

  • Preparing plans of correction to address findings identified by the Center for Medicare and Medicaid Services (CMS), state departments of health and the Joint Commission
  • Drafting Medical Staff Bylaws
  • Preparing admission forms and informed consents for operative procedures, off label use of medications and other unique treatment scenarios
  • Providing guidance and counsel to address professional misconduct and abuse reporting situations, as well as internal disciplinary decisions regarding licensed health care professionals
  • Implementing quality assurance and performance improvement programs, including consideration of applicable privileges and immunities
  • Drafting policies and procedures to address regulatory and accreditation requirements
  • Assisting providers across the healthcare spectrum through multifaceted licensure processes (e.g., laboratory permits and CLIA certification, radiology permits, pharmacy licenses, pharmaceutical wholesaler and manufacturing registrations)
  • Providing comprehensive review of regulatory compliance for merger and acquisition transactions

Our Risk Management team is standing by to assist our clients in taking the steps necessary to protect against unintended mishaps, and to address incidents if they occur.

Practice Group Contacts

Featured Image

Stacey L. Gulick

Partner
516-393-2264

Team

Featured Image

Lara Jean Ancona

Partner/Director
516-393-2245
Featured Image

Barry B. Cepelewicz M.D. Esq.

Partner/Director
203-316-0483
Featured Image

Andrew E. Blustein

Chairman
516-393-2218
Featured Image

Kathleen M. Brown

Senior Attorney
518-560-4023
Featured Image

Zachary B. Cohen

Partner
203-399-0500
Featured Image

Taras M. Czebiniak

Senior Attorney
516-393-2586
Featured Image

Judith A. Eisen

Partner/Director
516-393-2220
Featured Image

Kimberly Kempton-Serra

Partner
201-518-3403
Featured Image

Barbara D. Knothe

Partner
516-393-2219
Featured Image

Eve Green Koopersmith

Of Counsel
516-393-2282
Featured Image

Terence A. Russo

Partner/Director
516-393-2271
Featured Image

Manish I. Shah

Partner
516-393-2503

December 11, 2024|Alerts

New DOJ Report: Providers Beware

Last week, the U.S. Department of Justice (DOJ) and the U.S. Department of Health and Human Services (HHS) released its annual, jointly authored Health Care Fraud and Abuse Control Program Report (the Report) for Fiscal Year 2023. 

December 11, 2024|Alerts

New OIG Priorities Emerge in Report

The U.S. Department of Health and Human Services (HHS), Office of Inspector General (OIG) released its Semiannual Report (SAR) to Congress on December 4, 2024.

November 21, 2024|Alerts

OIG Highlights New Concerns

This week, the U.S. Department of Health and Human Services (“HHS”), Office of Inspector General (“OIG”) fulfilled its annual statutory obligation by releasing its 2024 Top Management and Performance Challenges Report (the “Report”). Historically, the Report has not attracted widespread interest in the provider community because it largely focuses on HHS operational challenges. Importantly for providers and other stakeholders, however, the Report reveals crucial insights about compliance priorities for the year ahead.

September 19, 2024|Alerts

Update on Change Healthcare Class Action Litigation

The cybersecurity attack on Change Healthcare (“Change”), a subsidiary of the UnitedHealth Group, has caused widespread disruption, impacting health care providers and individuals whose personal data was compromised. This breach has led to numerous class action lawsuits, divided into two main groups: providers affected by the claims processing shutdown and individuals whose data was leaked. In June 2024, approximately 50 lawsuits were centralized into a Multi-District Litigation (MDL) in federal court in Minnesota. On September 17, 2024, the first conference in the matter occurred. As the litigation progresses, motions to dismiss, potential mediation, and class certification are expected to shape the case.

September 3, 2024|Alerts

HHS Withdraws Its Appeal of Tracking Technologies Decision

On August 29, 2024, the Federal Department of Health and Human Services (“HHS”) withdrew its appeal of a federal court decision that invalidated certain aspects of HHS guidance regarding the use of tracking technologies (e.g., pixels that collect data on website usage to create directed marketing campaigns).

August 14, 2024|Alerts

Is Your NJ Patient Safety Committee Protected by a Privilege?

In a recent ruling, the New Jersey Supreme Court concluded that the “self-critical analysis” privilege under the Patient Safety Act (“PSA”) and its implementing regulations can only be applicable if the information sought was generated for purposes of an independent patient safety committee that is created solely for the purposes of the PSA (i.e., the information […]

June 24, 2024|Alerts

OIG Greenlights Gene Therapy Assistance Program

The U.S. Department of Health and Human Services, Office of Inspector General (OIG) posted a favorable Advisory Opinion (24-03) permitting a pharmaceutical manufacturer (Manufacturer) to provide financial assistance  to qualified patients undergoing its gene therapy treatment for two severe genetic conditions.

June 6, 2024|Alerts

OIG Report Highlights Enforcement Priorities

The U.S. Department of Health and Human Services (HHS), Office of Inspector General (OIG) released its revamped Semiannual Report (SAR) on June 3, 2024.  The SAR’s new format focuses on the oversight work OIG completed during the reporting period, and emphasizes how this work directly addresses the Top Management Challenges Facing HHS. 

May 20, 2024|Alerts

Telehealth Update: NY Proposes Controlled Substance Prescribing, Waiting on DEA

On May 15, 2024, the New York State Department of Health (DOH) announced a pivotal change in its regulations, as it intends to permit health care providers to use telemedicine to conduct patient evaluations before prescribing controlled substances. Prior to the COVID-19 pandemic, DOH required health care providers to perform an initial in-person physical evaluation of patients before prescribing controlled substances.

May 8, 2024|Alerts

HIPAA Amendment Bolsters Privacy for Reproductive & Substance Use Disorder Care

The HIPAA Privacy Rule to Support Reproductive Health Care Privacy was recently announced as a final rule that becomes effective on June 25, 2024 (the “Final Rule”).  

May 1, 2024|Events

Be Prepared! NYS OMIG’s 2024 Work Plan Provides an Audit Roadmap for Health Care Providers of All Types

Garfunkel’s Compliance Webinar Series rolls on with an examination of the 2024 Work Plan published by the New York State Office of Medicaid Inspector General (OMIG).  

April 25, 2024|Alerts

FTC Bans Non-Competes Across the Nation

On Tuesday, April 23, 2024, the Federal Trade Commission (FTC) promulgated a final rule banning most non-compete agreements, in any industry, and is set to become effective 120 days after its publication in the Federal Register (the “Final Rule”).

April 16, 2024|Events

Cybersecurity – It’s More Than HIPAA: NY Regulatory Refresher for 2024

Join the health care professionals of Garfunkel Wild and Withum as they dive into the technical, legal, and financial steps you will need to take to come into compliance with the new cybersecurity regulations for New York hospitals.

March 13, 2024|Alerts

CMS Announces Payment Program for Providers Impacted by Change Healthcare Cyberattack

On March 9, 2024, CMS announced it will make available Change Healthcare/Optum Payment Disruption accelerated payments to providers experiencing potentially significant cash-flow problems as a result of the cyberattack on UnitedHealth Group’s subsidiary Change Healthcare/Optum .

January 30, 2024|Alerts

New York OMIG Updates Self-Disclosure Guidance

The New York State Office of the Medicaid Inspector General (OMIG) recently updated its Self-Disclosure Guidance and Frequently Asked Questions (collectively, “Updates”). These Updates give participating providers and entities additional insight into how to report overpayments involving unresponsive Medicaid Managed Care Organizations (MMCOs) or multiple entities, as well as those that are untimely, have adjusted or voided claims, or lost or damaged records. 

January 17, 2024|Alerts

OMIG’s 2024 Work Plan Gives Critical Insights into Program Integrity Initiatives

The New York State Office of the Medicaid Inspector General (OMIG) released its 2024 work plan in furtherance of its mission to coordinate and conduct activities to prevent, detect and investigate medical assistance program fraud, waste and abuse, and to recover improperly expended Medicaid funds.  

December 21, 2023|Alerts

More Provider “Nuggets” From OIG’s Year-End Reporting Blitz

Continuing its year-end reporting blitz, the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) released its Semiannual Report (SAR) to Congress on December 1, 2023. 

December 4, 2023|Alerts

Updates on Tracking Technologies and Information Blocking

As we have noted in a previous Garfunkel Wild alert, the Department of Health and Human Services (“DHHS”) Office of Civil Rights (‘OCR”) published guidance regarding the use of tracking technologies (i.e., technologies that collect and analyze information about how users interact with websites and mobile applications). 

November 30, 2023|Alerts

DOJ/HHS Jointly Release “Highlight Reel” Report

This week, the United States Department of Justice (DOJ) and the United States Department of Health and Human Services (HHS) fulfilled its annual statutory obligation by releasing its jointly-authored Health Care Fraud and Abuse Control Program (HCFAC) Report for Fiscal Year 2022.

November 29, 2023|Alerts

Flurry of Activity Around Patient Information Impacting New York Providers

In the last few months of 2023, there has been a flurry of legal activity pertaining to the use, disclosure, and protection of health information.  Here is a summary of the latest legal initiatives impacting New York providers.

November 14, 2023|Publications

HIPAA Risks That You Might Not Have Expected

In this article published in the New York City Pharmacists Society Newsletter, Stacey Gulick highlights some of most significant, and perhaps unexpected, issues that must be addressed by pharmacists in their ongoing HIPAA compliance efforts. 

November 7, 2023|Alerts

OIG Releases New General Compliance Program Reference Guide

On November 6, 2023, the OIG released its General Compliance Program Guidance, the first in a series of new, non-binding reference guides designed to share information with health care compliance professionals and other health care industry stakeholders

August 2, 2023|Events

FQHC Lessons Learned from the Field: Tips to Avoid OSV Non-Compliance

Join Garfunkel Wild’s attorneys as they discuss the OSV process, highlight the areas HRSA reviewers consider, and impart meaningful tips on how FQHCs can be in compliance.

March 24, 2023|Alerts

Provider Warning: Avoid Fake DEA Agents

Scammers have perpetuated a telephone fraud scheme attempting to extort money and personal identifiable information from healthcare providers by impersonating Drug Enforcement Administration (“DEA”) agents across the country.

January 27, 2023|Podcasts

Health Information Technology Podcast – Termination and Transition Periods

Garfunkel Wild's Health Care Information and Technology Practice Group's Podcast Series "Health Information Technology Podcast- Termination and Transition Periods".

December 15, 2022|Alerts

Online Tracking Technologies Can Lead to HIPAA Violations

The Department of Health and Human Services, Office of Civil Rights (“OCR”) has published a Bulletin which officially states that incorporating certain tracking technologies into websites and mobile applications may cause HIPAA violations that could result in breach notification obligations as well as penalties. This includes platforms and services provided by companies like Meta (formerly Facebook) and Google.

April 26, 2021|Alerts

Beware: HIPAA Compliance Scam

Earlier today, the United States Health and Human Services Office for Civil Rights (“OCR”) issued an alert concerning fraudulent postcards sent to health care organizations claiming to be official communications from OCR.

April 21, 2021|Events

Long Island Health Information Management Association John W. Ruth Annual Membership Conference

Robert Del Giorno will present at the Long Island Health Information Management Association John W. Ruth Annual Membership Conference on April 21, 2021.

April 8, 2021|Events

MSNJ Webinar- Review of 2021 E/M Guideline Changes and Information Blocking New Rules

Garfunkel Wild’s Terence Russo and Garfunkel Health Advisors will present at the Medical Society of New Jersey (MSNJ) Webinar – Review of 2021 E/M Guideline Changes and Information Blocking New Rules.

December 11, 2020|Alerts

OIG Issues Important New And Revised Safe Harbors

The United States Department of Health and Human Services (“HHS”), Office of Inspector General (“OIG”) recently issued an important final rule (the “Final Rule”) that makes significant changes to existing “Safe Harbors” under the Federal Anti-kickback Statue (“AKS”) and that adds new Safe Harbors that provide protection from AKS sanctions for certain types of arrangements.

April 27, 2020|Alerts

Confidentiality of Medical Information During the COVID-19 Crisis

The Equal Employment Opportunity Commission has issued new guidance for workplaces, dated April 17, 2020, as they start the process of preparing for the impending re-opening of their entities in the face of the Covid-19 pandemic.

March 19, 2020|Events

Garfunkel Wild Webinar – Implementing and Expanding Telehealth to Address COVID-19

Garfunkel Wild Partner/Director Debra A. Silverman and Partners Stacey L. Gulick and Sandra M. Jensen will present the webinar “Implementing and Expanding Telehealth to Address COVID-19” on March 19, 2020.

February 14, 2020|Events

2nd Annual Center for Health Education, Medicine, & Dentistry (CHEMED) Conference on Medicine & Ethics

Garfunkel Wild will present at the 2nd Annual Center for Health Education, Medicine, & Dentistry (CHEMED) Conference on Medicine & Ethics on February 14, 2020.

February 14, 2020|Alerts

Deadline for Reporting 2019 HIPAA Breaches is Approaching

As most of you are aware, all 2019 HIPAA security breaches affecting less than 500 individuals must be reported by covered entities (e.g., providers and health plans) to the Federal Department of Health and Human Services, Office of Civil Rights (“OCR”) prior to February 28, 2020. 

January 15, 2020|Events

Greater New York Hospital Association (GNYHA) Webinar – Clinical Trial Agreements

Lara Jean Ancona will present at the Greater New York Hospital Association’s (GNYHA) Webinar – Clinical Trial Agreements on January 15, 2020.

November 7, 2019|Events

Nassau County Bar Association’s Hospital & Health Law Committee Meeting

Stacey L. Gulick will present at the Nassau County Bar Association’s Hospital & Health Law Committee Meeting on November 7, 2019. 

October 23, 2019|Alerts

Compliance with the New York Shield Act

he New York SHIELD Act has gone into effect today (October 23, 2019) and entities that maintain electronic information regarding New York residents will need to ensure compliance. 

September 26, 2019|Events

Monroe County Medical Society Webinar Survival: HIPAA Webinar

Stacey Gulick will present at Monroe County Medical Society Webinar Survival Series: HIPAA Webinar on September 26, 2019.

August 21, 2019|Alerts

New York Shield Act Modifies Breach Notification Requirements

On October 23, 2019, the Stop Hacks and Improve Electric Data Security (“SHIELD”) Act goes into effect and significantly modifies the existing New York State breach notification requirements, including the addition of new requirements for covered entities (e.g., all health care providers and health plans) to report HIPAA breaches to the New York State Attorney General, as well as the Federal Department of Health and Human Services, Office of Civil Rights (“OCR”).

March 6, 2019|Events

Fairfield County Medical Association’s Webinar– Creating a Medical Record that Protects Your Patients, Your Practice and You

Barry B. Cepelewicz will present at the Fairfield County Medical Association’s Webinar – Creating a Medical Record that Protects Your Patients, Your Practice & You – March 6, 2019.

October 21, 2019 |Media Mentions

Kimberly Kempton-Serra Quoted In ASC Focus Article Entitled “Set Up A Compliant Patient Transportation Service” October 2019

Kimberly Kempton-Serra Quoted In ASC Focus Article Entitled “Set Up A Compliant Patient Transportation Service” October 2019