On February 8, 2024, the Centers for Medicare and Medicaid Services (CMS) issued a quality standard memorandum (QSO Memo) updating and revising a memorandum it issued on January 5, 2018, to now permit the texting of patient orders among members of the patient’s health care team. CMS’s 2018 memorandum clarified CMS’s then-current position that texting

On February 8, 2024, the U.S. Department of Health and Human Services (HHS) issued a final rule (Final Rule) updating federal “Part 2” regulations to more closely align the requirements applicable to substance use disorder (SUD) treatment records with the HIPAA privacy rule, and to make certain other changes. The regulations at 42

This post was co-authored by Blair Robinson, a member Robinson+Cole’s Artificial Intelligence Team.

Artificial Intelligence (AI) has emerged as a major player in the realm of health care, promising to completely transform­ its delivery. With AI’s remarkable ability to analyze data, learn, solve problems, and make decisions, it has the potential to enhance patient

The World Health Organization (WHO) recently published “Ethics and Governance of Artificial Intelligence for Health: Guidance on large multi-modal models” (LMMs), which is designed to provide “guidance to assist Member States in mapping the benefits and challenges associated with the use of for health and in developing policies and practices for appropriate development

On October 31, 2023, the Office for Civil Rights (OCR) issued a press release announcing that it has settled with Doctors’ Management Services for $100,000 following a ransomware attack that compromised the protected health information of 206,695 individuals.

According to the press release, “this marks the first ransomware agreement OCR has reached.”  The facts underlying

On April 12, 2023, the U.S. Department of Health & Human Services (HHS) released a Notice of Proposed Rulemaking (Proposed Rule) that seeks to enhance safeguards of reproductive health care information through changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. The proposal is intended to align with President Biden’s Executive Order

On April 11, 2023 – one month in advance of the end of the COVID-19 public health emergency (PHE) on May 11, 2023 – the federal Office for Civil Rights (OCR) confirmed that various Notifications of Enforcement Discretion issued under HIPAA during the PHE will expire at the end of the day on May 11, 2023.Continue Reading OCR Reminder: Pandemic-Era HIPAA Flexibilities Will End May 11, 2023

HIPAA requires that covered entities notify the Office for Civil Rights (OCR) of any breaches of unsecured protected health information that affects less than 500 individuals in a calendar year within 60 days following the end of the calendar year.

Therefore, all breaches that affected less than 500 individuals that occurred in 2022 and have

On November 28, 2022, the Department of Health and Human Services (HHS) issued a proposed rule to modify the confidentiality protections of Substance Use Disorder (SUD) patient treatment records under 42 CFR Part 2 (Part 2) to implement statutory amendments passed under Section 3221 of the Coronavirus Aid, Relief, and Economic Security (CARES) Act (42 U.S.C. 290dd-2). Comments are being accepted for 60 days from the date of publication.Continue Reading HHS Proposes Rule to Align Part 2 Records and HIPAA

According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care sector shared that 66 percent of them had experienced a ransomware attack in 2021, which was an increase of 69 percent over 2020. This was the largest increase of all sectors surveyed.Continue Reading Privacy Tip – Health Care Sector Continues to Be Hit with Ransomware