Rachel V. Rose, JD, MBA

Don't run afoul of federal rules.

What can organizations do to be proactive in protecting personally identifiable information (PII) and protected health information (PHI)?

With the public health emergency possibly coming to an end, the government is looking to continue telemedicine expansions.

A look at recent cases.

Contracting with or employing an excluded person can result in a government enforcement action.

Keep abreast of the new cybersecurity laws.

Grievous HIPAA violations can lead to dire consequences.

Learn how the Hospital-Acquired Conditions Reduction Program works and how it can impact your facility's revenue.

Actions taken against healthcare professionals show the priorities of the government.

Implications of the new law.

A look at some recent Extreme Risk Protection Order cases.

Appreciating how to avoid an enforcement action under the Right of Access Initiative, as well as mitigating cyberattacks with HHS’s cybersecurity resource website.

All the details you need before the act goes into effect on Jan. 1.

On December 2, 2020, CMS published new provisions and exemptions related to the Stark Law (85 Fed. Reg. 77492) and HHS-OIG published new provisions and safe harbors related to the Anti-Kickback Statute (AKS) (85 Fed. Reg. 77684.

Code accurately with the appropriate documentation to substantiate medical necessity.

With the impending reporting period upon providers, this article highlights the current status of Reporting Period 1 and relays some recent enforcement actions.

AI can decrease strain on nurses and other healthcare professionals and allow them focus on the tasks technology cannot address.

As more states enact biometric laws (although none are as robust as Illinois), healthcare AI companies, covered entities, and business associates should take note and take steps to update compliance programs in order to reduce the risk of a lawsuit and a potentially criminal HIPAA violation.

Understanding what should be included in a required HIPAA BAA is essential.

With cybersecurity and criminal government actions involving protected health information (PHI), now is a good time to understand the importance of the required Business Associate Agreement (BAA).

Providers should be vigilant about the truthfulness of the claims and statements that are being submitted for remuneration by the government.

An advisory opinion is only applicable to those requesting it; seek guidance under AKS or ensure safe harbors are met and a goal is to not induce referrals based on volume or value.

Recent attacks encouraged new guidelines from the National Institute for Standards and Technology (NIST).

A few notable items seemingly intersect with the Health Insurance Portability and Accountability Act (HIPAA).

When considering the treatment of minors, as well as the release of the related protected health information, there are considerations not to overlook.

Compliance measures can assist healthcare industry participants avoid potential liability, whether civil or criminal, under the False Claims Act.

Covered entities should be balancing a patient’s right to request his/her medical records or designated record set in a particular electronic format with an unacceptable level of security risk to the covered entity’s systems.

Viewed through the lens of the prosecutor and the government’s expert

In light of a major insurance company recently being hit with ransomware, the importance of protection, detection, and correction cannot be over emphasized.

Technical, administrative, and physical safeguards need to be implemented in accordance with the Security Rule; NIST standards are preferrable.