Latest Articles

The Food and Drug Administration (FDA) has recently issued several cybersecurity and medical device initiatives as part of the agency’s increased focus on digital health. These initiatives include draft cybersecurity guidance for medical devices, increased coordination with the Department of Homeland Security, and the promotion of artificial intelligence. Elliot Golding and Jennifer Tharp provided an overview of recent developments in a post on our sister blog, Triage Health Law. Digital Health Update: Recent FDA
The Food and Drug Administration (“FDA”) has greatly increased its activity around cybersecurity initiatives and medical devices. As we approach the end of the year, this is a great opportunity to review recent developments. FDA Medical Device Cybersecurity Guidance On October 18, 2018, the FDA published draft guidance, “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices.” This draft replaces prior guidance from 2014, and the outlines recommendations for device design, data…
On August 31, 2018, the US Environmental Protection Agency (US EPA) published its proposed rule providing a replacement to the Clean Power Plan (CPP).  The proposed rule, named the Affordable Clean Energy (ACE) rule, outlines revised emissions guidelines and the process for states to submit plans for the reduction of greenhouse gas (GHG) emissions from affected electric utility generating units (EGUs).  Key components include a shift to “inside-the-fenceline” emission reduction measures at individual sources for the…
For the second time in as many years, the Department of Health and Human Services’ Office for Civil Rights (“OCR”) entered into settlement agreements with and levied hefty fines on three hospitals that allegedly impermissibly disclosed patients’ protected health information to ABC News in the course of filming a television network documentary series.  OCR announced on September 20 that Boston Medical Center, Brigham and Women’s Hospital and Massachusetts General Hospital each reached agreements with HHS…
The US Federal Energy Regulatory Commission (FERC) issued a statement on May 18, 2018 clarifying that the Agency will only analyze both upstream and downstream environmental effects of pipeline Greenhouse Gas (GHG) emissions when those effects are “sufficiently causally connected to and are reasonably foreseeable effects of the proposed actions.”  The policy statement was part of an order denying a request for rehearing of the certificate FERC granted to the Dominion Energy Transmission’s pipeline project.  The…
In the face of the ongoing opioid crisis in the United States, the Office of the National Coordinator for Health Information Technology (“ONC”) and the Substance Abuse and Mental Health Services Administration (“SAMHSA”) recently released two fact sheets to clarify how the requirements of 42 CFR Part 2 apply in different provider contexts, including via electronic health information exchange (“HIE”). The Part 2 regulations were initially promulgated in 1975 to ensure the confidential treatment of…
On May 1, 2018, 17 states, including California, as well as the District of Columbia filed a Petition for Review in the US Court of Appeals for the District of Columbia in response to US EPA’s announcement that it would be rolling back tailpipe emission standards. As we previously reported, California stated in April that it was actively considering a lawsuit to challenge the decision to revise tailpipe emissions. The other states involved in the new lawsuit include Connecticut, Delaware,…
A recent blog post summarized Health Insurance Portability and Accountability Act (“HIPAA”) enforcement settlements for Virtual Medical Group (“VMG”) in New Jersey and EmblemHealth in New York that may signal a broader trend of increased state HIPAA enforcement.  Under the Health Information Technology for Economic and Clinical Health (“HITECH”) Act’s amendment to HIPAA, codified at 42 U.S.C. § 1320d-5(d), state attorney generals have authority to bring civil actions in federal district court to enforce HIPAA…
Overview of Recent Settlement Actions Recent Health Insurance Portability and Accountability Act (“HIPAA”) enforcement settlements for Virtual Medical Group (“VMG”) in New Jersey and EmblemHealth in New York may signal a broader trend of increased state HIPAA enforcement.  Under the Health Information Technology for Economic and Clinical Health (“HITECH”) Act’s amendment to HIPAA, codified at 42 U.S.C. § 1320d-5(d), state attorney generals have authority to bring civil actions in federal district court to enforce HIPAA…
The U.S. Food and Drug Administration (“FDA”) recently approved the Viz.Ai Contact application, a type of clinical decision support software designed to analyze computed tomography (CT) results that may notify providers of a potential stroke in their patients. In an article published March 8, 2018 as a PG Alert Email from the American Health Lawyers Association (“AHLA”), associate Jennifer M. Tharp discussed the recent approval of the software and its relation to the FDA’s increasing…