HIPAA, Privacy, and Risk Management

September 19, 2024|Alerts

The cybersecurity attack on Change Healthcare (“Change”), a subsidiary of the UnitedHealth Group, has caused widespread disruption, impacting health care providers and individuals whose personal data was compromised. This breach has led to numerous class action lawsuits, divided into two main groups: providers affected by the claims processing shutdown and individuals whose data was leaked. In June 2024, approximately 50 lawsuits were centralized into a Multi-District Litigation (MDL) in federal court in Minnesota. On September 17, 2024, the first conference in the matter occurred. As the litigation progresses, motions to dismiss, potential mediation, and class certification are expected to shape the case.

September 3, 2024|Alerts

On August 29, 2024, the Federal Department of Health and Human Services (“HHS”) withdrew its appeal of a federal court decision that invalidated certain aspects of HHS guidance regarding the use of tracking technologies (e.g., pixels that collect data on website usage to create directed marketing campaigns).

August 14, 2024|Alerts

In a recent ruling, the New Jersey Supreme Court concluded that the “self-critical analysis” privilege under the Patient Safety Act (“PSA”) and its implementing regulations can only be applicable if the information sought was generated for purposes of an independent patient safety committee that is created solely for the purposes of the PSA (i.e., the information […]

June 24, 2024|Alerts

The U.S. Department of Health and Human Services, Office of Inspector General (OIG) posted a favorable Advisory Opinion (24-03) permitting a pharmaceutical manufacturer (Manufacturer) to provide financial assistance  to qualified patients undergoing its gene therapy treatment for two severe genetic conditions.

June 6, 2024|Alerts

The U.S. Department of Health and Human Services (HHS), Office of Inspector General (OIG) released its revamped Semiannual Report (SAR) on June 3, 2024.  The SAR’s new format focuses on the oversight work OIG completed during the reporting period, and emphasizes how this work directly addresses the Top Management Challenges Facing HHS. 

May 20, 2024|Alerts

On May 15, 2024, the New York State Department of Health (DOH) announced a pivotal change in its regulations, as it intends to permit health care providers to use telemedicine to conduct patient evaluations before prescribing controlled substances. Prior to the COVID-19 pandemic, DOH required health care providers to perform an initial in-person physical evaluation of patients before prescribing controlled substances.

May 8, 2024|Alerts

The HIPAA Privacy Rule to Support Reproductive Health Care Privacy was recently announced as a final rule that becomes effective on June 25, 2024 (the “Final Rule”).  

May 1, 2024|Events

Garfunkel’s Compliance Webinar Series rolls on with an examination of the 2024 Work Plan published by the New York State Office of Medicaid Inspector General (OMIG).  

April 25, 2024|Alerts

On Tuesday, April 23, 2024, the Federal Trade Commission (FTC) promulgated a final rule banning most non-compete agreements, in any industry, and is set to become effective 120 days after its publication in the Federal Register (the “Final Rule”).

April 16, 2024|Events

Join the health care professionals of Garfunkel Wild and Withum as they dive into the technical, legal, and financial steps you will need to take to come into compliance with the new cybersecurity regulations for New York hospitals.

March 13, 2024|Alerts

On March 9, 2024, CMS announced it will make available Change Healthcare/Optum Payment Disruption accelerated payments to providers experiencing potentially significant cash-flow problems as a result of the cyberattack on UnitedHealth Group’s subsidiary Change Healthcare/Optum .

January 30, 2024|Alerts

The New York State Office of the Medicaid Inspector General (OMIG) recently updated its Self-Disclosure Guidance and Frequently Asked Questions (collectively, “Updates”). These Updates give participating providers and entities additional insight into how to report overpayments involving unresponsive Medicaid Managed Care Organizations (MMCOs) or multiple entities, as well as those that are untimely, have adjusted or voided claims, or lost or damaged records. 

January 17, 2024|Alerts

The New York State Office of the Medicaid Inspector General (OMIG) released its 2024 work plan in furtherance of its mission to coordinate and conduct activities to prevent, detect and investigate medical assistance program fraud, waste and abuse, and to recover improperly expended Medicaid funds.  

December 21, 2023|Alerts

Continuing its year-end reporting blitz, the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) released its Semiannual Report (SAR) to Congress on December 1, 2023. 

December 4, 2023|Alerts

As we have noted in a previous Garfunkel Wild alert, the Department of Health and Human Services (“DHHS”) Office of Civil Rights (‘OCR”) published guidance regarding the use of tracking technologies (i.e., technologies that collect and analyze information about how users interact with websites and mobile applications). 

November 30, 2023|Alerts

This week, the United States Department of Justice (DOJ) and the United States Department of Health and Human Services (HHS) fulfilled its annual statutory obligation by releasing its jointly-authored Health Care Fraud and Abuse Control Program (HCFAC) Report for Fiscal Year 2022.

November 29, 2023|Alerts

In the last few months of 2023, there has been a flurry of legal activity pertaining to the use, disclosure, and protection of health information.  Here is a summary of the latest legal initiatives impacting New York providers.

November 14, 2023|Publications

In this article published in the New York City Pharmacists Society Newsletter, Stacey Gulick highlights some of most significant, and perhaps unexpected, issues that must be addressed by pharmacists in their ongoing HIPAA compliance efforts. 

November 7, 2023|Alerts

On November 6, 2023, the OIG released its General Compliance Program Guidance, the first in a series of new, non-binding reference guides designed to share information with health care compliance professionals and other health care industry stakeholders

August 2, 2023|Events

Join Garfunkel Wild’s attorneys as they discuss the OSV process, highlight the areas HRSA reviewers consider, and impart meaningful tips on how FQHCs can be in compliance.

March 24, 2023|Alerts

Scammers have perpetuated a telephone fraud scheme attempting to extort money and personal identifiable information from healthcare providers by impersonating Drug Enforcement Administration (“DEA”) agents across the country.

January 27, 2023|Podcasts

Garfunkel Wild's Health Care Information and Technology Practice Group's Podcast Series "Health Information Technology Podcast- Termination and Transition Periods".

December 15, 2022|Alerts

The Department of Health and Human Services, Office of Civil Rights (“OCR”) has published a Bulletin which officially states that incorporating certain tracking technologies into websites and mobile applications may cause HIPAA violations that could result in breach notification obligations as well as penalties. This includes platforms and services provided by companies like Meta (formerly Facebook) and Google.

April 26, 2021|Alerts

Earlier today, the United States Health and Human Services Office for Civil Rights (“OCR”) issued an alert concerning fraudulent postcards sent to health care organizations claiming to be official communications from OCR.

April 21, 2021|Events

Robert Del Giorno will present at the Long Island Health Information Management Association John W. Ruth Annual Membership Conference on April 21, 2021.

April 8, 2021|Events

Garfunkel Wild’s Terence Russo and Garfunkel Health Advisors will present at the Medical Society of New Jersey (MSNJ) Webinar – Review of 2021 E/M Guideline Changes and Information Blocking New Rules.

December 11, 2020|Alerts

The United States Department of Health and Human Services (“HHS”), Office of Inspector General (“OIG”) recently issued an important final rule (the “Final Rule”) that makes significant changes to existing “Safe Harbors” under the Federal Anti-kickback Statue (“AKS”) and that adds new Safe Harbors that provide protection from AKS sanctions for certain types of arrangements.

April 27, 2020|Alerts

The Equal Employment Opportunity Commission has issued new guidance for workplaces, dated April 17, 2020, as they start the process of preparing for the impending re-opening of their entities in the face of the Covid-19 pandemic.

March 19, 2020|Events

Garfunkel Wild Partner/Director Debra A. Silverman and Partners Stacey L. Gulick and Sandra M. Jensen will present the webinar “Implementing and Expanding Telehealth to Address COVID-19” on March 19, 2020.

February 14, 2020|Events

Garfunkel Wild will present at the 2nd Annual Center for Health Education, Medicine, & Dentistry (CHEMED) Conference on Medicine & Ethics on February 14, 2020.

February 14, 2020|Alerts

As most of you are aware, all 2019 HIPAA security breaches affecting less than 500 individuals must be reported by covered entities (e.g., providers and health plans) to the Federal Department of Health and Human Services, Office of Civil Rights (“OCR”) prior to February 28, 2020. 

January 15, 2020|Events

Lara Jean Ancona will present at the Greater New York Hospital Association’s (GNYHA) Webinar – Clinical Trial Agreements on January 15, 2020.

November 7, 2019|Events

Stacey L. Gulick will present at the Nassau County Bar Association’s Hospital & Health Law Committee Meeting on November 7, 2019. 

October 23, 2019|Alerts

he New York SHIELD Act has gone into effect today (October 23, 2019) and entities that maintain electronic information regarding New York residents will need to ensure compliance. 

September 26, 2019|Events

Stacey Gulick will present at Monroe County Medical Society Webinar Survival Series: HIPAA Webinar on September 26, 2019.

August 21, 2019|Alerts

On October 23, 2019, the Stop Hacks and Improve Electric Data Security (“SHIELD”) Act goes into effect and significantly modifies the existing New York State breach notification requirements, including the addition of new requirements for covered entities (e.g., all health care providers and health plans) to report HIPAA breaches to the New York State Attorney General, as well as the Federal Department of Health and Human Services, Office of Civil Rights (“OCR”).

March 6, 2019|Events

Barry B. Cepelewicz will present at the Fairfield County Medical Association’s Webinar – Creating a Medical Record that Protects Your Patients, Your Practice & You – March 6, 2019.