This post was co-authored by Josh Yoo, legal intern at Robinson+Cole. Josh is not admitted to practice law.

Health care entities maintain compliance programs in order to comply with the myriad, changing laws and regulations that apply to the health care industry. Although laws and regulations specific to the use of artificial intelligence (AI) are limited at this time and in the early stages of development, current law and pending legislation offer a forecast of standards that may become applicable to AI. Health care entities may want to begin to monitor the evolving guidance applicable to AI and start to integrate AI standards into their compliance programs in order to manage and minimize this emerging area of legal risk.

Executive Branch: Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence

Following Executive Order 13960 and the Blueprint for an AI Bill of Rights, Executive Order No. 14110 (EO) amplifies the current key principles and directives that will guide federal agency oversight of AI. While still largely aspirational, these principles have already begun to reshape regulatory obligations for health care entities. For example, the Department of Health and Human Services (HHS) has established an AI Task Force to regulate AI in accordance with the EO’s principles by 2025. Health care entities would be well-served to monitor federal priorities and begin to formally integrate AI standards into their corporate compliance plans.

  • Transparency: The principle of transparency refers to an AI user’s ability to understand the technology’s uses, processes, and risks. Health care entities will likely be expected to understand how their AI tools collect, process, and predict data. The EO envisions labelling requirements that will flag AI-generated content for consumers as well.
  • Governance: Governance applies to an organization’s control over deployed AI tools. Internal mechanical controls, such as evaluations, policies, and institutions, may ensure continuous control throughout the AI’s life cycle. The EO also emphasizes the importance of human oversight. Responsibility for AI implementation, review, and maintenance can be clearly identified and assigned to appropriate employees and specialists.
  • Non-Discrimination: AI must also abide by standards that protect against unlawful discrimination. For example, the HHS AI Task force will be responsible for ensuring that health care entities continuously monitor and mitigate algorithmic processes that could contribute to discriminatory outcomes. It will be important to permit internal and external stakeholders to have access to equitable participation in the development and use of AI.

Continue Reading Forecasting the Integration of AI into Health Care Compliance Programs

On March 18, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) updated its guidance on the “Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates” (Guidance). OCR’s Guidance was first published on December 1, 2022, and is the subject of a lawsuit brought by

On February 8, 2024, the Centers for Medicare and Medicaid Services (CMS) issued a quality standard memorandum (QSO Memo) updating and revising a memorandum it issued on January 5, 2018, to now permit the texting of patient orders among members of the patient’s health care team. CMS’s 2018 memorandum clarified CMS’s then-current position that texting

This post was co-authored by Blair Robinson, a member Robinson+Cole’s Artificial Intelligence Team.

Artificial Intelligence (AI) has emerged as a major player in the realm of health care, promising to completely transform­ its delivery. With AI’s remarkable ability to analyze data, learn, solve problems, and make decisions, it has the potential to enhance patient

The World Health Organization (WHO) recently published “Ethics and Governance of Artificial Intelligence for Health: Guidance on large multi-modal models” (LMMs), which is designed to provide “guidance to assist Member States in mapping the benefits and challenges associated with the use of for health and in developing policies and practices for appropriate development

On December 13, 2023, the Office of the National Coordinator for Health Information Technology (ONC) issued its final rule entitled “Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing” and known as “HTI-1” (Final Rule). Among other issues addressed in the Final Rule, ONC revised the information blocking rules to add clarity and to create a new information blocking exception. We outline these changes in further detail below. The information blocking provisions of the Final Rule will be effective 30 days after it is published in the Federal Register.Continue Reading ONC’s HTI-1 Final Rule Updates Information Blocking Regulations

On November 1, 2023, the U.S. Department of Health and Human Services (HHS) published a proposed rule titled “21st Century Cures Act: Establishment of Disincentives for Health Care Providers That Have Committed Information Blocking” (the Proposed Rule). The Proposed Rule, if finalized, would create disincentives for health care providers that the HHS Office of Inspector General (OIG) determines have committed “information blocking” (as defined at 45 C.F.R. § 171.103).Continue Reading HHS Proposes Disincentives for Providers that Commit Information Blocking

On May 2, 2023, legislators approved the $229 billion New York State FY 2023-2024 Budget Bill (“the Budget”), which was signed by Governor Hochul on May 3, 2023. Article VII of the Budget touches almost every aspect of the New York healthcare system, including home health, hospitals, laboratories, and reproductive health. It contains wide-ranging provisions that expand access to care, allow clinicians to provide more services, and allocate needed resources to providers. It targets Medicaid in multiple ways, including an extension of the Medicaid Global Cap on system-wide spending growth through FY 2025.[i] Here, we outline some of the key provisions that this Budget contains.Continue Reading New York Enacts Long Negotiated Budget Bill with Sweeping Implications for Health Care

On April 11, 2023 – one month in advance of the end of the COVID-19 public health emergency (PHE) on May 11, 2023 – the federal Office for Civil Rights (OCR) confirmed that various Notifications of Enforcement Discretion issued under HIPAA during the PHE will expire at the end of the day on May 11, 2023.Continue Reading OCR Reminder: Pandemic-Era HIPAA Flexibilities Will End May 11, 2023

On November 4, 2022, the Centers for Medicare & Medicaid Services (CMS) published the calendar year 2023 Home Health Prospective Payment System Rate final rule, which updates Medicare payment policies and rates for home health agencies.  Some of the key changes implemented by the final rule are summarized below.Continue Reading CMS Issues Calendar Year 2023 Home Health Final Rule