Entities that provide treatment to patients with substance use disorders may find some clarity on federal requirements surrounding patient record confidentiality. The Department of Health & Human Services (HHS) Substance Abuse and Mental Health Services Administration (SAMHSA) recently announced much-anticipated proposed changes to the federal regulations at 42 C.F.R. part 2 (Part 2), which govern … Continue Reading
In an unprecedented settlement arising from a federal lawsuit in the U.S. District Court for the Northern District of Indiana, a medical software provider agreed to pay $900,000 to 16 state attorneys general (AGs) for alleged violations of a conglomerate of state and federal privacy laws. The settlement represents the resolution of the first-ever multistate data … Continue Reading
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) released a new fact sheet outlining and clarifying violations of HIPAA (Health Insurance Portability and Accountability Act of 1996) for which a business associate can be held directly liable. Published shortly after the release of new guidance from OCR in the form … Continue Reading
The Federal Food and Drug Administration (“FDA”) recently published a draft guidance to assist industry and State and local governments in understanding how to categorize entities in the drug supply chain in accordance with the Drug Supply Chain Security Act (“DSCSA”). The DSCSA establishes product tracing, licensure, reporting, and other requirements for certain trading partners … Continue Reading
The Centers for Medicare & Medicaid Services (CMS) issued a final rule on September 28, 2016, comprehensively updating and extensively revising the requirements for participation (ROPs) for long-term care (LTC) facilities participating in the Medicare and Medicaid programs (the Final Rule). As the first major update to the requirements for LTC facilities in 25 years, the … Continue Reading
Following a recent U.S. government interagency report indicating that, on average, there has been an alarming 300 percent spike in daily ransomware attacks since early 2016 as compared with 2015, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) released new Health Insurance Portability and Accountability Act (“HIPAA”) guidance on … Continue Reading
We’ve blogged about medical device cybersecurity topics here and most recently here. The topic is in the news yet again with the FDA issuing a draft guidance outlining postmarket recommendations for medical device manufacturers to address cybersecurity risks. The draft guidance recommends that manufacturers should execute a structured, systematic, and comprehensive cybersecurity risk management program … Continue Reading
On July 10, 2015, the U.S. House of Representatives passed with an overwhelming majority (344-77), the 21st Century Cures bill (H.R. 6), a high-profile bipartisan bill intended to speed up and improve the process for approving innovative drugs and medical devices, and to address other issues, including those regarding clinical trial design, research funding, and … Continue Reading
The Food and Drug Administration (FDA) has issued a notice announcing the availability of a draft guidance document clarifying its acceptance of medical device clinical data from studies conducted in countries other than the United States. The document is intended to provide guidance regarding the 2012 Food and Drug Administration Safety and Innovation Act § 1123, amending Food, Drug & Cosmetic Act § 569B, which codified FDA's policy of accepting scientifically-valid clinical data obtained from non-U.S. clinical studies in support of premarket submissions for medical devices.… Continue Reading