The new Civil Cyber-Fraud Initiative of the US Department of Justice’s use of the punitive False Claims Act (FCA) and its whistleblower provisions has some important legal and risk management considerations for the health industry. Because enforcement will initially occur largely through civil investigations applying the FCA in the broadest possible way, healthcare organizations should undertake a priority assessment of their cybersecurity status to ensure that their practices can withstand hacks, whistleblowers, and government scrutiny.
Legal Insights and Perspectives for the Healthcare Industry
Ransomware attacks are increasing in their severity and sophistication, with healthcare companies being significant targets. Ransomware actors often target businesses believed to have fewer resources to invest in cyber protection, as well as those holding sensitive data, in the hopes that they will be more likely to make a quick ransom payment.
We invite Health Law Scan readers to join Morgan Lewis for the 11th Technology May-rathon, our annual series of tailored webinars focused on current technology issues, trends, and developments that are of key importance to our friends and clients.
Members of our labor and employment team recently published a LawFlash discussing the US Department of Labor’s (DOL’s) April 14 issuance of three pieces of subregulatory guidance addressing the cybersecurity practices of retirement plan sponsors, vendors, and plan participants respectively. This resource, which includes our team’s analysis and observations, may be of particular interest to employers in the healthcare sector, who are all too familiar with how important it is to keep data secure.
We invite Health Law Scan readers to join Morgan Lewis for an upcoming webinar series, Privatization of the Vaccine Rollout, which will explore the legal and regulatory issues for businesses that have become increasingly central to rolling out vaccines in the United States and around the globe.
Partner Reece Hirsch recently attended and spoke at the 2020 Health Datapalooza held in Washington, DC.
New York’s Stop Hacks and Improve Electronic Data Security Act, or SHIELD Act, which makes significant changes to the state’s data breach notification requirements, impacts healthcare organizations that hold computerized data with private information from New York residents. In this LawFlash, our privacy and cybersecurity team analyzes the law’s expanded definition of “private information” and offers key business takeaways for assessing compliance with the SHIELD Act, which becomes effective October 23, 2019.
On a fourth go-around, the Trump administration has issued another set of proposed tariffs on an additional $300 billion of goods related to China, this time adding a range of commercial goods across industries.