Photo of Jodi G. Daniel

Jodi Daniel is a partner in Crowell & Moring's Health Care Group and a member of the group’s Steering Committee. She is also a director at C&M International (CMI), an international policy and regulatory affairs consulting firm affiliated with Crowell & Moring. She leads the firm's Digital Health Practice and provides strategic, legal, and policy advice to all types of health care and technology clients navigating the dynamic regulatory environment related to technology in the health care sector to help them achieve their business goals. Jodi is a contributor to the Uniform Law Commission Telehealth Committee, which drafts and proposes uniform state laws related to telehealth services, including the definition of telehealth, formation of the doctor-patient relationship via telehealth, creation of a registry for out-of-state physicians, insurance coverage and payment parity, and administrative barriers to entity formation.

On June 27, 2023, the Department of Health and Human Services (“HHS”) Office of Inspector General (“OIG”) issued a final rule (“OIG Final Rule”) that implements statutory provisions for its enforcement of the information blocking penalties created by the 21stCentury Cures Act (“Cures Act”) and assessment of civil money penalties (“CMPs”) of up to $1 million per violation of information blocking for certain individuals or entities subject to the information blocking requirements.

Continue Reading HHS-OIG Releases Final Rule Implementing Information Blocking Penalties

On May 17, 2023, the Federal Trade Commission (“FTC”) announced an enforcement action (“Enforcement Action”) against Illinois-based Easy Healthcare Corporation (“Easy Healthcare”), which operates the Premom application, for allegedly violating Section 5 of the FTC Act and the Health Breach Notification Rule (“HBNR”). Easy Healthcare has developed, advertised, and distributed a mobile application called the Premom Ovulation Tracker (“Premom”) that allows users to input and track various types of personal and health information. In the complaint (“Complaint”), the FTC alleges that Easy Healthcare deceived users by disclosing users’ sensitive health data with third parties and failed to notify consumers of these unauthorized disclosures in violation of the HBNR. The proposed order (“Proposed Order”), which was brought by the U.S. Department of Justice on behalf of the FTC, imposes a civil penalty of $100,000 and prohibits Easy Healthcare from sharing user personal health data with third parties for advertising, among other requirements. As part of a related action, Easy Healthcare has agreed to pay an additional $100,000 to Connecticut, the District of Columbia, and Oregon for violating their respective laws.

Continue Reading FTC Announces Enforcement Action Against Ovulation Tracking App Premom

On January 19, 2022, the U.S. Department of Health and Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) published the Trusted Exchange Framework and Common Agreement (TEFCA) for health information exchange. The Trusted Exchange Framework established a set of non-binding, foundational principles for trust policies and practices to help facilitate

On March 2, 2023, the Federal Trade Commission (“FTC”) announced an enforcement action against California-based online counseling service BetterHelp, Inc. (“BetterHelp”) for allegedly sharing consumers’ health information, including sensitive information about mental health challenges, for advertising purposes in violation of Section 5 of the FTC Act.

This latest enforcement action comes just one month after

On February 1, 2023, the Federal Trade Commission (“FTC”) announced an enforcement action (“Enforcement Action”) against California-based telehealth and prescription drug discount provider GoodRx Holdings, Inc. (“GoodRx”) for allegedly violating section 5 of the FTC Act and the Health Breach Notification Rule (“HBNR”). The proposed order (“Proposed Order”), which was brought by the U.S. Department

On December 29, President Joe Biden signed into law the Consolidated Appropriations Act, 2023 (P.L. 117-164) (the “Act”)—an approximately $1.7 trillion spending package, which consists of all 12 fiscal year (FY) 2023 appropriations bills and funds the federal government through September 30, 2023, provides additional assistance to Ukraine, and makes numerous health care policy changes.  

Continue Reading President Biden Signs End-of-Year Legislation Including Telehealth, Medicare & Medicaid, Mental Health, Pandemic Preparedness, and Other Health Care Provisions

On December 21, 2022, the Centers for Medicare & Medicaid Services (CMS) issued a proposed rule that would adopt standards under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) for “health care attachments” transactions, which would: (1) support health care claims adjudication and prior authorization transactions; (2) adopt standards for electronic signatures to

On December 6, 2022, the Centers for Medicare & Medicaid Services (CMS) issued a Proposed Rule that would (i) further enhance health data exchange by establishing data exchange standards for certain payers, (ii) improve patient and provider access to health information, and (iii) streamline processes related to prior authorization for medical items and services. The

On November 9, the Department of Health and Human Services (HHS) issued a proposed rule to adopt updated versions of the retail pharmacy standards for electronic transactions adopted under the Administrative Simplification subtitle of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and to broaden the applicability of the HIPAA subrogation transaction.

If

In late November, HHS proposed long-awaited changes to regulations at 42 C.F.R. Part 2 (“Part 2”) governing the confidentiality of substance use disorder (“SUD”) records as required under the Coronavirus Aid, Relief, and Economic Security (“CARES”) Act. Generally, HHS is attempting to align Part 2 requirements with the HIPAA (“Health Insurance Portability and Accountability Act”) Privacy Rule. The most significant changes are those to the rules governing consent for entities subject to Part 2’s restrictions to use, disclose, and redisclose Part 2 records with respect to treatment, payment, and health care operations (“TPO”) activities.

Continue Reading HHS Proposed Changes Would Align Part 2 Regulations on Substance Use Disorder Records with HIPAA