Digital Health
Subscribe to Digital Health's Posts

April Trending in Telehealth

Numerous states—including North Dakota, Hawaii, Indiana, Texas and New Hampshire—have been busy finalizing rulemaking and legislation impacting healthcare providers, telehealth and digital health companies, pharmacists and technology companies that deliver and facilitate virtual care. What have these states been up to over the last month?

Learn more here.




read more

Healthcare Preview for the Week of May 1, 2023

There has been a flurry of activity in Congress focused on healthcare issues over the last two weeks. Committees in both the US House and Senate held hearings on legislation focused on increasing transparency and competition in the healthcare system that could have significant impacts for certain healthcare providers, healthcare plans and pharmacy benefit managers.

Read more here.




read more

Washington State Legislature Passes My Health My Data Act

The My Health My Data Act in Washington State (the Act) is expected to be signed into law by Governor Jay Inslee this year, after being passed by both the Washington Senate and House in different versions. Unlike recent state privacy laws, the Act specifically targets consumer health data that is not covered by the Health Insurance Portability and Accountability Act (HIPAA). It includes provisions that apply to processors and third parties who may handle a broadly defined set of consumer health data, beyond healthcare-adjacent businesses. The Act could have a significant impact on various entities, including advertisers, mobile app providers, wearable device manufacturers, healthcare companies and their data processors who handle non-HIPAA-regulated health information.

Read more here.




read more

Health Data in the EU and UK: Regulatory Trends and Developments

With the General Data Protection Regulation (GDPR) resulting in a rise in enforcement incidents, it is prudent for organizations operating in the health and life sciences industries across the United Kingdom, European Union (EU) and other European Economic Area (EEA) nations to assess their responsibilities regarding the gathering and handling of health data.

Major Points:

  • “Data concerning health” is a wide term; it doesn’t just apply to medical records. Policies and processing records should accurately capture all health data, including inference data.
  • Most EEA countries, and the United Kingdom, have national laws that supplement GDPR.
  • Consent is not the only legal basis for collecting, storing and using health data; there are other options available, but be aware that “insufficient legal basis for data processing” is a common type of GDPR violation.
  • If used, health data consents must be granular, specific and transparent, and they must break down all the purposes for which the data is being processed. Consent must be granted on an “opt-in” basis and not as a result of a pre-filled tick box.
  • Health data may be reused for genuine scientific research purposes provided the processing is compatible with the original use, appropriate safeguards are in place and any separate national law conditions are satisfied.
  • Privacy policies and transparency notices must be clear about the basis on which health data is processed.
  • Proceed carefully and consider reidentification risk when relying on anonymisation to process data; document any reidentification risk assessment and periodically review risk assessment in light of developments in publicly available data and evolving risk environment. Technical measures, such as evolving encryption standards, should be reviewed periodically.

Read more here.




read more

OCR Issues Proposed Rule to Modify HIPAA Privacy Rule to Include Explicit Protections for Reproductive Healthcare

On April 12, 2023, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a notice of proposed rulemaking detailing its proposal to modify the HIPAA Privacy Rule (Proposed Rule). The Proposed Rule comes as a part of the Biden administration’s response to the US Supreme Court’s ruling in Dobbs v. Jackson Women’s Health Organization.

The Proposed Rule would provide special protections for protected health information (PHI) related to reproductive healthcare. Following the Dobbs decision, many healthcare providers expressed concerns that PHI related to reproductive healthcare may be sought by state and local governments for use in criminal, civil or administrative investigations or proceedings. OCR noted that such compelled uses and disclosures of PHI could have a chilling effect on lawfully obtained healthcare and erode trust in confidential communications between a patient and provider. Additionally, providers could elect to leave out critical details from a patient’s medical record if they fear the information could later be used by a state or local government actor against the patient.

Stakeholders may submit comments on the proposed rule on or before June 16, 2023.

Read more here.




read more

Telehealth Trends to Watch: Increased Focus on Privacy and Security

We expect to see continued focus on privacy and security at the federal and state level. For example, California, Virginia, Colorado, Utah and Connecticut have new privacy laws coming into effect in 2023. As part of our State Law Privacy Video Series, McDermott described how these laws will affect health data and healthcare entities—in particular, those entities that are regulated by HIPAA.

In addition, at the end of 2022, the US Department of Health and Human Services (HHS) proposed long-awaited changes to the regulations protecting the confidentiality of substance-use disorder patient records under Part 2 of Title 42 of the Code of Federal Regulations (42 CFR Part 2, or Part 2). Specifically, the proposed rule would implement provisions of Section 3221 of the Coronavirus Aid, Relief, and Economic Security Act (CARES Act), which required HHS to align Part 2 with certain provisions of HIPAA and to make certain changes to the HIPAA Notice of Privacy Practices, the form given to patients and plan members that describes patient privacy rights, covered entity duties, and the covered entity’s uses and disclosures of protected health information.

Read more here.




read more

New 50-State Survey | ID Verification for Telemedicine Encounters

Verifying the identity of a patient prior to delivering telehealth services is important to prevent a range of potential risks, including the creation of fake accounts, insurance fraud and drug abuse/diversion.

A growing number of states and health plans require the verification of a patient’s identity. This verification activity has become a standard practice in the telehealth industry and is expected to continue.

Download our 50-state survey to learn which states require patient identity verification and access links to relevant state laws in one convenient place.

Download the report.




read more

Digital Health: 2022 Year in Review

Digital health is one of the fast-growing segments of the healthcare market, with patients, clinicians and regulators increasingly aligned behind digitization opportunities. Over the last three years, patients and clinicians alike have embraced digitally delivered care and telehealth-related flexibilities.

In this report, McDermott’s Digital Health team takes a close look at the forces shaping the sector in 2023, including:

  • Telehealth regulatory trends
  • Women’s health
  • Increased scrutiny on tracking, privacy and security
  • Unwinding from the Public Health Emergency
  • State of investing and dealmaking

Access the report.




read more

Drug Discount Review Boards Proposed by Biden Health Agency

The Biden administration recently proposed revising the process behind an outlet for pharmaceutical companies to resolve price fights for those participating in the 340B drug discount program. According to this Bloomberg article, disputes between providers and pharmaceutical companies were in limbo as the industry waited for the Biden administration to replace an administrative dispute resolution (ADR) board. McDermott Partner Emily J. Cook said the proposed US Department of Health and Human Services rule ushers in “some significant changes” from the prior ADR process.

Access the full article.




read more

Pandemic Response Accountability Committee Report Highlights Telehealth Program Integrity Concerns

On December 1, 2022, the Pandemic Response Accountability Committee (PRAC) Health Care Subgroup issued its report on fraud, waste and abuse risks that arose as a result of the dramatic increase in telehealth services provided during the COVID-19 pandemic. The PRAC was created under the CARES Act to oversee the historic spending that was part of the federal government’s response to the COVID-19 pandemic. The PRAC Health Care Subgroup comprises the offices of the inspector general (OIGs) for six federal agencies:

  • The US Department of Health and Human Services (HHS)
  • The US Department of Defense (DoD)
  • The Office of Personnel Management (OPM)
  • The US Department of Veterans Affairs (VA)
  • The US Department of Labor (DOL)
  • The US Department of Justice (DOJ).

Each OIG oversees an agency that administers a federal program connected to using or paying for telehealth services.

The report highlights the increased access to services that telehealth facilitated during the pandemic and notes key focus areas with respect to program integrity and preventing fraud and abuse. The report is a resource intended to be used by stakeholders across the healthcare industry, including congressional lawmakers, federal and state agencies, and healthcare organizations. The report aims to raise awareness of the importance of safeguarding expanded telehealth services against fraud, waste and abuse.

Read more here.




read more

BLOG EDITORS

STAY CONNECTED

TOPICS

ARCHIVES

Top ranked chambers 2022
US leading firm 2022