On June 24, 2024, the Department of Health and Human Services (“HHS”) released a final rule (“Disincentives Final Rule”) establishing disincentives for certain healthcare providers that have committed information blocking. The information blocking disincentives directly impact Medicare-enrolled healthcare providers or suppliers including hospitals, critical access hospitals, MIPS-eligible clinicians, and ACOs. The Disincentives Final Rule has been submitted to the Office of the Federal Register for publication and will become effective 30 days after Federal Register publication.Continue Reading Healthcare Providers Who Engage in Information Blocking Will Face Disincentives Described in an HHS Final Rule
Jodi G. Daniel
Jodi Daniel is a partner in Crowell & Moring's Health Care Group and a member of the group’s Steering Committee. She is also a director at C&M International (CMI), an international policy and regulatory affairs consulting firm affiliated with Crowell & Moring. She leads the firm's Digital Health Practice and provides strategic, legal, and policy advice to all types of health care and technology clients navigating the dynamic regulatory environment related to technology in the health care sector to help them achieve their business goals. Jodi is a contributor to the Uniform Law Commission Telehealth Committee, which drafts and proposes uniform state laws related to telehealth services, including the definition of telehealth, formation of the doctor-patient relationship via telehealth, creation of a registry for out-of-state physicians, insurance coverage and payment parity, and administrative barriers to entity formation.
ONC Releases Final Rule on Information Blocking and Health IT Certification Program Updates, Including Requirements Related to AI
On December 13, 2023, the U.S. Department of Health and Human Services’ (HHS) Office of the National Coordinator for Health Information Technology (ONC) released the Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing (HTI-1) Final Rule.Continue Reading ONC Releases Final Rule on Information Blocking and Health IT Certification Program Updates, Including Requirements Related to AI
OCR Takes Enforcement Action for Phishing Attack
Last week, the Office for Civil Rights (“OCR”) announced a settlement with Lafourche Medical Group (“LMG”), a Louisiana medical group, for a 2021 phishing attack and breach that affected the protected health information (“PHI”) of 34,862 individuals. In addition to paying $480,000 to OCR, LMG agreed to a corrective action plan that will include implementing security measures to protect electronic PHI, developing written policies and procedures to comply with HIPAA rules, and training staff members.Continue Reading OCR Takes Enforcement Action for Phishing Attack
Avoiding a Cautionary Tale: Policy Considerations for Artificial Intelligence in Health Care
On November 8, 2023, the Senate Health, Education, Labor and Pensions (HELP) Committee Subcommittee on Primary Health and Retirement Security discussed the impact of artificial intelligence (AI) on the healthcare sector in the Committee’s second AI hearing in nine days. The hearing comes as the White House and Congressional leaders seek to quickly respond to AI threats, mitigate its dangers, and harness its potential for American industry. Senators discussed the recent Executive Order issued by the White House to guide AI regulation and innovation across all sectors, including in the health and human services sectors.Continue Reading Avoiding a Cautionary Tale: Policy Considerations for Artificial Intelligence in Health Care
HHS-OIG Releases Final Rule Implementing Information Blocking Penalties
On June 27, 2023, the Department of Health and Human Services (“HHS”) Office of Inspector General (“OIG”) issued a final rule (“OIG Final Rule”) that implements statutory provisions for its enforcement of the information blocking penalties created by the 21stCentury Cures Act (“Cures Act”) and assessment of civil money penalties (“CMPs”) of up to $1 million per violation of information blocking for certain individuals or entities subject to the information blocking requirements.Continue Reading HHS-OIG Releases Final Rule Implementing Information Blocking Penalties
FTC Announces Enforcement Action Against Ovulation Tracking App Premom
On May 17, 2023, the Federal Trade Commission (“FTC”) announced an enforcement action (“Enforcement Action”) against Illinois-based Easy Healthcare Corporation (“Easy Healthcare”), which operates the Premom application, for allegedly violating Section 5 of the FTC Act and the Health Breach Notification Rule (“HBNR”). Easy Healthcare has developed, advertised, and distributed a mobile application called the Premom Ovulation Tracker (“Premom”) that allows users to input and track various types of personal and health information. In the complaint (“Complaint”), the FTC alleges that Easy Healthcare deceived users by disclosing users’ sensitive health data with third parties and failed to notify consumers of these unauthorized disclosures in violation of the HBNR. The proposed order (“Proposed Order”), which was brought by the U.S. Department of Justice on behalf of the FTC, imposes a civil penalty of $100,000 and prohibits Easy Healthcare from sharing user personal health data with third parties for advertising, among other requirements. As part of a related action, Easy Healthcare has agreed to pay an additional $100,000 to Connecticut, the District of Columbia, and Oregon for violating their respective laws.Continue Reading FTC Announces Enforcement Action Against Ovulation Tracking App Premom
ONC’s Trusted Exchange Framework and Common Agreement (TEFCA) Announces First Cohort of Participants
On January 19, 2022, the U.S. Department of Health and Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) published the Trusted Exchange Framework and Common Agreement (TEFCA) for health information exchange. The Trusted Exchange Framework established a set of non-binding, foundational principles for trust policies and practices to help facilitate…
FTC Enforcement Against Sharing Consumer Health Information Continues
On March 2, 2023, the Federal Trade Commission (“FTC”) announced an enforcement action against California-based online counseling service BetterHelp, Inc. (“BetterHelp”) for allegedly sharing consumers’ health information, including sensitive information about mental health challenges, for advertising purposes in violation of Section 5 of the FTC Act.
This latest enforcement action comes just one month after…
FTC Imposes $1.5 Million Civil Penalty in First-of-Its-Kind Health Breach Notification Rule Enforcement Action
On February 1, 2023, the Federal Trade Commission (“FTC”) announced an enforcement action (“Enforcement Action”) against California-based telehealth and prescription drug discount provider GoodRx Holdings, Inc. (“GoodRx”) for allegedly violating section 5 of the FTC Act and the Health Breach Notification Rule (“HBNR”). The proposed order (“Proposed Order”), which was brought by the U.S. Department…
President Biden Signs End-of-Year Legislation Including Telehealth, Medicare & Medicaid, Mental Health, Pandemic Preparedness, and Other Health Care Provisions
On December 29, President Joe Biden signed into law the Consolidated Appropriations Act, 2023 (P.L. 117-164) (the “Act”)—an approximately $1.7 trillion spending package, which consists of all 12 fiscal year (FY) 2023 appropriations bills and funds the federal government through September 30, 2023, provides additional assistance to Ukraine, and makes numerous health care policy changes. Continue Reading President Biden Signs End-of-Year Legislation Including Telehealth, Medicare & Medicaid, Mental Health, Pandemic Preparedness, and Other Health Care Provisions