On April 27, 2023, Washington Governor Jay Inslee signed into law House Bill 1155, otherwise known as the My Health My Data Act. Certain “geofencing” portions of the law became effective July 23, 2023. Other provisions will become effective for “small businesses” on June 30, 2024, and for all other regulated entities on March 31, 2024. Below is a brief summary of the law’s following core components: (1) covered individuals and entities, (2) covered data, and (3) data collection and sharing requirements.Continue Reading Implementation Underway for Washington’s New Wide-Reaching Consumer Health Data Law
Data Security
Agencies Look for Input on No Surprises Act Good Faith Estimate Rules
Following closely after the clarifying independent dispute resolution process Final Rule, the four executive branch entities tasked with implementing the provisions of the No Surprises Act, the Office of Personnel Management, the Centers for Medicare & Medicaid Services (CMS), Employee Benefits Security Administration and the Internal Revenue Service have issued a request for information to help the agencies craft the next stage of regulations for the surprise billing law.
The request is the latest effort by agencies to seek stakeholder input on the contours of the regulations implementing the No Surprises Act, this time with a focus on the requirements in the law for providers to issue a good faith estimate (GFE) to plans for services that their covered patients will submit for reimbursement and for insurers to issue an advanced explanation of benefits (AEOB) to their plan participants based on estimated charges relayed to them by providers.
Specifically, the entities are looking for information and recommendations on the process of transferring data from providers and facilities to plans, issuers and carriers to facilitate the GFE and AEOB processes, as well as the economic impacts of implementing these requirements. The notice was added to the Federal Register on Friday, Sept. 16 and comments are due to the agencies by November 15.Continue Reading Agencies Look for Input on No Surprises Act Good Faith Estimate Rules
States Banding Together on HIPAA Enforcement
In the first settlement of its kind, a medical software provider has agreed to pay $900,000 to 16 state attorneys general for alleged violations of state and federal privacy laws. The settlement, stemming from a federal lawsuit in the U.S. District Court for the Northern District of Indiana, demonstrates the resolution of the first-ever multistate…
White House Releases Proposed Precision Medicine Initiative Privacy Framework
Earlier this year, President Obama launched a high-profile “Precision Medicine Initiative” (PMI) to develop treatments, diagnostics, and prevention strategies tailored to the individual genetic characteristics of each patient. On July 8, 2015 the White House released for public comment a draft document entitled “Precision Medicine Initiative: Proposed Privacy and Trust Principles,” which provides broad guidance…
Stolen Unencrypted Laptops Results in HIPAA Settlements for Two Health Companies
Two more health care companies have settled potential violations of the HIPAA Privacy and Security Rules arising from the theft of unencrypted laptops by paying a total of almost $2 million and agreeing to continued oversight by the HHS Office for Civil Rights (OCR). In both instances, the breaches were self-reported and the settlements resulted…
Congressional Panels Continue Focus on ACA Insurance Enrollment, Security, and Cost Issues, and Other Health Policy Topics
Congress continues to examine issues associated with enrollment in qualified health plans under Healthcare.gov. For instance:
- The House Science, Space, and Technology Committee held a hearing entitled “Is My Data on Healthcare.gov Secure?”
- The Senate Small Business and Entrepreneurship Committee focused on “Affordable Care Act Implementation: Examining How to Achieve a Successful Rollout of
…
ONC Invites Comments on Nationwide Health Information Network Governance
The Office of the National Coordinator for Health Information Technology (ONC) is inviting comments on a governance mechanism for the nationwide health information network under the HITECH Act. ONC seeks input on a range of topics, including: creation of a voluntary program under which entities that facilitate electronic health information exchange could be validated…
HHS Issues Clarifications to Health IT Rules
On October 13, 2010, the HHS Office of the National Coordinator for Health Information Technology (ONC) published an interim final rule with request for comment to remove the implementation specifications related to public health surveillance from regulations established by the Standards and Certification Criteria Final Rule. Comments will be accepted until November 12, 2010. In addition…
HHS Conference on HIPAA Security
The HHS Office for Civil Rights and the National Institute of Standards and Technology’ (NIST) Computer Security Division are hosting a conference May 11 and 12, 2010 entitled “Safeguarding Health Information: Building Assurance through HIPAA Security.” The conference will provide a forum to discuss the current health information technology security landscape, as well as practical…
American Recovery and Reinvestment Act — Health Information Privacy/Incentives, Medicaid Funding & Other Health Provisions
On February 17, 2009, President Obama signed into law H.R. 1, the American Recovery and Reinvestment Act (the “ARRA”). The sweeping $790 billion economic stimulus package includes a number of health care policy provisions. Reed Smith’s Health Care Memorandum summarizes the major health policy provisions of the Act.
Continue Reading American Recovery and Reinvestment Act — Health Information Privacy/Incentives, Medicaid Funding & Other Health Provisions