In its most recent Cybersecurity Newsletter, OCR focuses on the intersection of HIPAA and information security.  To be sure, HIPAA requires covered entities and business associates to address their organizations’ information security. This obligation stems from HIPAA’s requirement that covered entities and business associates assess the potential risks and vulnerabilities to the confidentiality, integrity and availability of their electronic protected health information. This is referred to as a “risk assessment” or “risk analysis” and is a core element of HIPAA’s Security Rule. But it is not enough to simply assess or analyze the risk; HIPAA requires that the risks be mitigated. This is particularly important when it comes to information security risk. As OCR states in its newsletter: Continue Reading HIPAA, Security Vulnerabilities and Patching

This week, focus turns to the Senate as the House overwhelmingly passed its opioid package known as H.R. 6 last week (see our previous coverage here). The Senate will look to combine its various proposals into one package for floor consideration and what passes will provide a timeline for reconciling the House and Senate packages. In other news, the Senate will spend time in the HELP and Finance Committee on drug pricing. With Secretary Azar set to testify, we look for signals that the Administration is moving forward with any aspect of its drug pricing blueprint. We cover this and more in this week’s preview, which you can find here.

The government is focusing on opioids.  Whether it be program policies, enforcement, or legislation, combating the opioid epidemic continues to be a major focus for government officials.  It is also a major piece of the health care legislation moving in both the House and the Senate.

In the Senate, the Judiciary Committee advanced five bills relating to the opioid crisis, and the HELP Committee advanced the “Opioid Crisis Response Act of 2018,” which has over 40 measures relating to opioids. Most recently (6/12), the Senate Finance Committee unanimously approved the Helping To End Addiction And Lessen (HEAL) Substance Use Disorders Act Of 2018.  That Act includes the expansion of the Physician Payment Sunshine Act to include payments to mid-level providers, as we previously blogged about here.  Click here for a summary of all Senate bills.

On the House side, over the last two weeks, the House passed over 50 bills to combat the opioid crisis and have received bipartisan support. Additional opioid related bills have been introduced and passed out of committee. On June 20, the House voted and passed three additional opioid bills (HR 5925, HR 9797, and HR 6082). Two of these bills were considered controversial. H.R. 5797, The IMD CARE Act, repeals the Medicaid IMD exclusion for individuals with opioid use disorders. H.R. 6082, The Overdose Prevention and Patient Safety Act, amends 42 CFR Part 2 confidentiality protections pertaining to substance use disorder patient records.  Continue Reading Opioids Have Our Attention

Thousands of laboratories nationwide will be happy to hear that Florida, which licenses in-state as well as out-of-state laboratories, has repealed its laboratory licensure requirements.  As of July 1, 2018, laboratories doing business in Florida need only maintain CLIA certification. Continue Reading Florida Repeals Laboratory Licensure Requirements Effective July 1st

Privacy and security compliance obligations for health care companies remain hot topics this spring. Health care companies must now contend with data breach laws in all 50 states as well as keeping on top of federal HIPAA developments.

New Colorado Data Breach Law

Our Privacy and Security colleagues recently blogged about a new Colorado law that imposes strict requirements on entities that maintain, own, or license personal identifying information of Colorado residents. The law broadly defines “personal identifying information” as a Social Security number; a person identification number; a password or passcode; a driver’s license or identification card number; a passport number; biometric data; an employer, student, or military identification number; or a financial transaction device. In addition, the law requires entities to report breaches of such data within 30 days of discovery.

Continue Reading Privacy and Security Round-up – Colorado Data Breach Law, Guidance from OCR

A lot has happened since we last addressed new biosimilar developments in January 2018. In the intervening months, there have been many significant developments related to FDA’s implementation of an efficient regulatory program for biosimilar products and the abbreviated BLA (aBLA) review process. Today we’re going to recap some of what has transpired over the past 5 months in the biosimilars space in an attempt to get our readers caught up. Continue Reading Biosimilars in the Limelight – A Lot Has Happened Since January 2018

It has been a few weeks since the publication of the Trump Administration’s Blueprint to Lower Drug Prices, and Secretary Azar’s  Request for Information (RFI) on the Blueprint.  We previously posted about the Blueprint’s focus on the 340B Drug Discount Program.

Many have speculated about the possible changes in store for Medicare under the Blueprint, especially the potential changes to Medicare Parts B and D.  But what about Medicaid?  Unlike Medicare, the federal government does not have exclusive authority to impose operational changes in Medicaid, because of the role of the individual states (and DC) in administering their own Medicaid Programs.  What do the Blueprint and RFI say about Medicaid, and what are the potential implications? Continue Reading A Deeper Dive: What the Trump Administration Blueprint to Lower Drug Prices Might Mean for Medicaid

Welcome to the third week of this four week stretch. This week, the House will continue to vote on a number of proposals to address the opioid crisis. Last week the House passed over 30 bills on opioids, most of which were non-controversial and reached bipartisan support. However, the bills considered this week are expected to have spending tied to them and could therefore be more controversial.  We cover this and more in this week’s health care preview, which you can find here.

On Thursday June 14, 2018, the US Court of Appeals for the Federal Circuit ruled against two health plans seeking risk corridors payments from the federal government. A more detailed background on the program and pending litigation is available in my prior post hereContinue Reading Appeals Court Rejects Insurers Risk Corridors Claims