Photo of Ellen Janos

Ellen Janos is a Member in the firm’s Boston office. Ellen specializes in providing regulatory and strategic advice to health care providers and payors of all types, including hospitals, managed care organizations, long-term care facilities, pharmacies, pharmaceutical and device manufacturers, telemedicine providers, and urgent care and retail health clinics. She also represents companies doing business with, and investing in, health care providers.

As we look back on 2017, one message is clear: don’t be a Scrooge when it comes to HIPAA compliance. With ever-evolving security threats and unrelenting enforcement, regulated entities must maintain a spirit of compliance that lasts the whole year through.  It is in that spirit – and with apologies to Charles Dickens – that our HIPAA year in review is brought to you by the ghosts of HIPAA Past, HIPAA Present and HIPAA Yet to Come.

The Ghost of HIPAA Past

2017 continued to be haunted by large-scale data breaches.  As reported by our Privacy & Security colleagues, Equifax announced one of the largest breaches in US history in September, which involved highly sensitive information such as social security numbers and birth dates.  The Equifax breach didn’t involve health information, but in July, OCR sent a clear message regarding the importance of health information security and ratcheted up the fear factor associated with its HIPAA Breach Reporting Tool (HBRT), commonly referred to as the HIPAA “Wall of Shame.” The updates make it easier to search and view information about data breaches and make it harder for offenders to hide in the aftermath of a breach.  Continue Reading Bah, Humbug! HIPAA Compliance Isn’t Getting Any Easier

The market for apps designed to improve health and wellness or even to diagnose and treat medical conditions continues to grow.  Last week, the U.S. Food and Drug Administration (“FDA”)  approved a new smartphone-based “carbon monoxide breath sensor system” that measures carbon monoxide levels on a user’s breath. The sensor, which is intended to help users quit smoking, tracks the real time effects of a user’s smoking behavior.  And just a few weeks ago, the FDA gave its approval to a cognitive behavioral therapy app to be used in outpatient therapy for substance use disorders related to alcohol, cocaine, marijuana and stimulants.  Continue Reading Building a Health App? Part 4: Avoiding an FTC Enforcement Action

Last week, Apple announced the new Apple Watch Series 3 which will feature an enhanced heart rate app.  The app will notify you when it detects an elevated heart rate even when you are not working out.  The sensor will also be able to analyze cardiac arrhythmia. According to one estimate, 165,000 health-related apps were available for Apple or Android smartphones last year. Forecasts predict that such apps will be downloaded 1.7 billion times by 2017.  Without a doubt, health apps are turning into a big business presenting not only an opportunity for financial success but the potential to impact the health and wellness of millions of consumers.  The success of a health app will depend on careful consideration of some key legal issues during the early stages of development.  In a series of weekly blog posts, we will cover these issues and provide best practices to help guide you through the successful launch of your health app.  Below is a preview of what this series will cover.    Continue Reading Building a Health App? What You Need to Know

Last week, the Massachusetts Department of Public Health issued another round of proposed amendments to its regulations, continuing the Baker Administration’s regulatory reform efforts.  Today, we take a closer look at the proposed amendments to the proposed regulations governing the licensure of hospice programs.

As expected, many of the proposed changes are aimed at making the hospice regulations consistent with the rules that govern other health facilities such as hospitals and clinics.  For example, consistent with the hospital and clinic regulations, the Commissioner would be given broad authority to determine under what circumstances a change in control of the operation of the hospice rises to the level of a “transfer of ownership”.  Another change for consistency purposes is the proposed revision to the rules governing incident reporting.  Under the proposed rule, a hospice inpatient facility must report unanticipated deaths and any serious incidents or accidents as defined in guidelines of the Department.    Continue Reading Massachusetts Licensure of Hospice Programs Proposed Regulations – Key Take-Aways

In previous blog posts, we addressed the Massachusetts Department of Public Health’s (DPH) proposed regulations that affect hospitals, dialysis clinics and medical marijuana programs.  In this final post on DPH’s recent regulatory review and overhaul, we address the proposed amendments to the clinic licensure regulations.  DPH’s presentation to the Public Health Council is available here.  As with the proposed amendments to the hospital and dialysis clinic regulations, many of the changes to the clinic licensure regulations are technical in nature and aimed at reducing the regulatory burden on clinics, aligning reporting obligations with other state and federal Massachusetts requirements and updating regulatory language.  DPH did, however, propose some a number of substantive amendments to the clinic licensure regulations, including the following: Continue Reading Massachusetts Licensure of Clinics Proposed Regulations – Key Take-Aways

Last month, Jonathan Woodson, M.D., the Assistant Secretary of Defense for Health Affairs for the U.S. Department of Defense, issued a memorandum that effectively changes the Military Health System (“MHS”) policy on telemedicine. The new policy enables the MHS to treat patients via telemedicine when the patients are located in their homes or other locations “deemed appropriate by the treating provider.” Previously, similar to the originating site restrictions found in the current Medicare reimbursement laws, MHS providers could only treat patients via telemedicine if the patients were physically present at a military treatment facility or other designated facility, which did not include the patient’s home.

The memorandum notes that one of MHS’s major focus areas over the past year has been promoting additional options for accessing care. And the Assistant Secretary has been an outspoken advocate for expanding telemedicine services in the MHS. For example, during the keynote speech at the American Telemedicine Association’s 2014 conference, he noted that as care standards continue to evolve, it’s imperative that the MHS embrace telehealth. Continue Reading U.S. Department of Defense Expands Telemedicine Access for Military Members

Recognizing the importance of telemedicine, a committee of the Massachusetts Health Policy Commission recently voted on a grant program that will award up to $500,000 each for two telemedicine pilots that target the behavioral health needs of children, homebound seniors, and people with substance use disorders.  The two grants will be awarded with monies from a 2016 budget provision that authorized a one-year, regional pilot program “to further the development and utilization of telemedicine in the commonwealth.”  The Commission expects to release a request for proposals in February and announce the awards in the spring.

Massachusetts joins other states in taking needed steps to expand the use of telemedicine.  Last year was an important year for the expansion of Medicaid and private insurance coverage of telemedicine services with many states passing laws to ensure that telemedicine visits would be covered and paid for similar to office based visits. We expect this to be one of many trends that continue into 2016, as telemedicine continues to grow, highlighted in our recent post “Telemedicine – 2015 Year in Review.”

As the year winds down, we look back on the significant developments in telemedicine in 2015 as well as look forward to what 2016 will bring. The number of providers offering telemedicine and telehealth services dramatically increased in 2015, with no sign of slowing in 2016. This is, in large part, due to state lawmakers’ attempts to remove or ease common barriers to telemedicine expansion – including licensure and reimbursement.  States continue to sign on to the interstate medical licensure compact, and more states are requiring commercial insurers to cover telemedicine services on par with in-person services. Not to be left out, Congress introduced several bills in 2015 that seek to expand the use of telemedicine for Medicare beneficiaries, and we expect a fourth telemedicine bill to be introduced early in 2016 that would address Medicare coverage and reimbursement. Additionally, many state legislatures and/or state medical boards issued more detailed standards for the provision of online treatment and prescribing, which decreases the uncertainty of state laws in this area and paves the way for providers to tailor their telemedicine programs to fit within state laws. Listed below are four important developments in telemedicine for 2015 and our prediction of trends in 2016. Continue Reading Telemedicine – 2015 Year in Review

Last week, the US Attorney’s Office in Boston announced that drug company Warner Chilcott agreed to plead guilty to health care fraud and pay $125 million to resolve criminal and civil liability arising out of allegations involving the promotion of the company’s drugs.  Continuing its focus on individuals, the former President of the Company has been charged with conspiring to pay kickbacks to physicians. The government interest in prosecuting illegal drug promotion activities and illegal payments to physicians has been a longstanding priority.  However, in a new twist that should be of great interest to the health care community, the government has brought criminal charges under the Health Insurance Portability and Accountability Act (HIPAA) against company employees as well as the physician practice owner for the alleged unlawful access and disclosure of  patient medical records. These HIPAA violations could result in prison sentences, significant fines and exclusion from the Medicare program. Continue Reading HIPAA Lessons from the Warner Chilcott Settlement

Health care is big business in Massachusetts, and it is a highly regulated business. But Governor Charlie Baker hopes to simplify the Massachusetts regulatory regime. This past March, Governor Baker initiated a year-long review of each and every regulation under the Executive Department’s jurisdiction, which includes the regulations falling under the primary oversight agency for health care in Massachusetts – the Executive Office of Health and Human Services.

As the Secretary of Health & Human Services, Marylou Sudders leads the largest executive agency in Massachusetts – there are nearly twenty departments and divisions under her oversight, including the Department of Public Health, Department of Mental Health, and the Division of Health Care Finance and Policy. These agencies (and others) promulgate health care rules and regulations about licensing and certification, quality and data reporting, clinical, recordkeeping, operational and facility requirements, and more – leaving providers and payors to wind through a labyrinth of legal requirements.

Enter Executive Order 562.

Continue Reading Massachusetts Health Care Regulatory Review – Opportunity for Industry Comment