The US Department of Health and Human Services, Office for Civil Rights (OCR), announced a settlement agreement on June 15, 2023 with not-for-profit community hospital Yakima Valley Memorial Hospital (Yakima) related to Yakima employees’ snooping in medical records that resulted in the breach of protected health information (PHI).

Throughout the COVID-19 pandemic and related public health emergency (PHE), the US Department of Health and Human Services, Office for Civil Rights (OCR) issued four Notifications of Enforcement Discretion (referred to as “waivers”) designed to offer flexibility to healthcare providers battling the virus. On April 11, the OCR announced that these waivers will officially expire on May 11, 2023, in conjunction with the end of the PHE. While it is not unexpected that the OCR is pulling back these waivers, healthcare providers must ensure that their ongoing operations are fully compliant with the OCR’s HIPAA-related requirements. This blog post details the list of waivers issued by the OCR that will expire on May 11.

On February 9, 2022, US Senators Bill Cassidy, M.D. (R-LA) and Tammy Baldwin (D-WI) introduced bipartisan legislation designed to modernize health privacy laws, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and account for emerging healthcare technologies not addressed by existing law.

The new Civil Cyber-Fraud Initiative of the US Department of Justice’s use of the punitive False Claims Act (FCA) and its whistleblower provisions has some important legal and risk management considerations for the health industry. Because enforcement will initially occur largely through civil investigations applying the FCA in the broadest possible way, healthcare organizations should undertake a priority assessment of their cybersecurity status to ensure that their practices can withstand hacks, whistleblowers, and government scrutiny.

Members of our emerging business and technology team recently hosted a webinar on seed financing structures for digital health companies. The program, led by partner Benjamin David Novak and associate Jessica Lee, discussed the market trends in digital health company financings as well as the various deal structures frequently used in seed financings.

We invite Health Law Scan readers to join members of our digital health team for a webinar set to discuss the various deal structures frequently used in digital health company seed financings, as well as the range of market terms for each.

Members of our labor and employment team recently published a LawFlash discussing the US Department of Labor’s (DOL’s) April 14 issuance of three pieces of subregulatory guidance addressing the cybersecurity practices of retirement plan sponsors, vendors, and plan participants respectively. This resource, which includes our team’s analysis and observations, may be of particular interest to employers in the healthcare sector, who are all too familiar with how important it is to keep data secure.

Last month we had an incredibly insightful Fast Break analyzing a significant HIPAA enforcement victory for The University of Texas MD Anderson Cancer Center (MD Anderson) in the US Court of Appeals for the Fifth Circuit. If you missed our live program with Morgan Lewis partner Scott McBride and MD Anderson Deputy Chief Compliance Officer Krista Barnes, you can still view the presentation, or check out the highlights below.

We invite Health Law Scan readers to join Morgan Lewis for a sampling of upcoming webinars and speaking engagements featuring members of our healthcare industry team.

We hope you were able to join us for last month's Fast Break on the Regulatory Sprint to Coordinated Care, which has been a longstanding initiative of the Centers for Medicare and Medicaid Services, US Department of Health and Human Services (HHS), and Office of the Inspector General to navigate a path to value-based payment models, culminating in the December 2020 final rules. If not, you missed a conversational session featuring Katie McDermott, Al Shay, and Jake Harper diving a bit deeper into this topic.