Author: Duane Morris

Visit the Duane Morris website.
Posted on by Duane Morris

Employers Take Note: Final HIPAA Rules Mandate New Obligations for Group Health Plans

Employers that sponsor group health plans for their employees should pay careful attention to the newly announced final omnibus rule amending HIPAA in accordance with the HITECH Act of 2009. This final rule under the HITECH Act, issued on January 17, 2013, impacts group health plans in two significant ways. Group health plan sponsors should act now to make changes to existing plan documents, including HIPAA procedures and business associate agreements, in response to the Final Rule.

Click here for an overview of how HIPAA generally applies in the context of employer-sponsored group health plans and these significant changes impacting group health plans.

Continue reading “Employers Take Note: Final HIPAA Rules Mandate New Obligations for Group Health Plans”

Posted on by Duane Morris

HIPAA Minimum Necessary Standard Should Be Key Component of Policies and Procedures, Now More Than Ever

The HIPAA Rules require that when a HIPAA-covered entity (a provider, plan or clearinghouse) or a business associate of a covered entity uses or discloses protected health information (“PHI”), or when it requests PHI from another covered entity or business associate, the covered entity or business associate must make “reasonable efforts to limit protected health information to the minimum necessary to accomplish the intended purpose of the use, disclosure, or request.”

Click here to read more about the HIPAA “minimum necessary” standard—one of the most essential, yet vague, aspects of the HIPAA Rules.

Continue reading “HIPAA Minimum Necessary Standard Should Be Key Component of Policies and Procedures, Now More Than Ever”

Posted on by Duane Morris

Duane Morris Partner Susan Kayser Is Quoted in McKnight’s Long-Term Care News & Assisted Living Article

Duane Morris partner Susan Kayser is quoted in the McKnight’s Long-Term Care News & Assisted Living article, “Falsified Records Mean Legal Woes for Adminstrator, Aide,” in which she discusses the alteration of records in a long-term care setting, in light of two recent cases that landed a nursing home administrator and a nurse aide in legal hot water.

Click here to read the article and Susan’s comments on this long-term care and assisted living issue.

Posted on by Duane Morris

Overview of 2013 Amendments to HIPAA Privacy, Security, Breach Notification and Enforcement Rules

The 2013 Amendments include a number of sweeping changes to the HIPAA Rules, including the expansion of the definition of a business associate to include their subcontractors that handle protected health information (“PHI”); a lower threshold for determining whether a breach has occurred for reporting purposes; and restrictions on “marketing” activities and the “sale” of PHI.

Click here to read this Overview Summary of the 2013 Amendments. Duane Morris is issuing a series of Alerts on the 2013 Amendments. Please see the in-depth Alerts already distributed by the firm on changes under the 2013 Amendments to the definition of a business associate and changes to the breach notification requirements. We will continue to issue Alerts on discrete HIPAA topics.

Posted on by Duane Morris

New HIPAA Breach Notification Rule May Prove Costly for HIPAA-Covered Entities

One of the most significant changes in the final HIPAA amendments is the Breach Notification Rule, which modifies and clarifies the definition of “breach” and the risk-assessment approach required for breach notification. In light of this heightened standard, covered entities, business associates and downstream contractors should consider carefully reviewing their breach notification policies and procedures, training materials and contractual arrangements in an effort to avoid potential liability under the Breach Notification Rule.

Click here for more information on the most significant changes to the Breach Notification Rule.

Posted on by Duane Morris

Final HIPAA Amendments Expand HIPAA Net: Business Associates Now Required to Enter into Business Associate Agreements with Subcontractors

Among the most significant changes of the Final HIPAA amendments are the provisions that extend the Privacy and Security Rules’ stringent compliance obligations to business associates (BA) and expand the definition of BAs to include subcontractors of BAs. Why the changes? The HITECH Act of 2009 specifically extends direct liability to BAs and expands the list of obligations for BAs. The Department of Health & Human Services extends BA obligations even further to ensure the privacy and security of all PHI throughout the HIPAA ecosystem.

Click here to read a summary of the key provisions under the 2013 amendments, as well as factors that may be worthwhile for covered entities and business associates to consider in light of these amendments.

Posted on by Duane Morris

Affordable Care Act Declared Constitutional … For the Most Part

On June 28, 2012—the last day of the 2011 term—the U.S. Supreme Court ruled in a 5-4 decision, with Chief Justice Roberts writing for the majority, that the individual mandate provision of the Patient Protection and Affordable Care Act (the “Act”) is constitutional based on Congress’s taxing power. A key passage read from the bench by Chief Justice Roberts is as follows:

Continue reading “Affordable Care Act Declared Constitutional … For the Most Part”

Posted on by Duane Morris

Supreme Court Upholds ACA’s Individual Mandate

On June 28, 2012, the United States Supreme Court upheld the Affordable Care Act’s (“ACA”) individual mandate in a long-anticipated decision on the constitutionality of the ACA. The Court upheld the ACA’s individual mandate under Congress’ taxing power, and also held that the lawsuits challenging the ACA were not barred by the anti-injunction act. The Court, however, found the ACA’s Medicaid expansion unconstitutional because it “threaten[ed] States with the loss of their existing Medicaid funding if they decline to comply with the expansion.”

The full slip opinion may be accessed here.

Posted on by Duane Morris

CMS Delays Data Collection Under ACA’s Physician Payments Sunshine Act to January 1, 2013

On May 3, 2012, the Centers for Medicare and Medicaid Services (CMS) officially announced that it will delay data-collection and reporting requirements under the Patient Protection and Affordable Care Act’s (ACA) Physician Payments Sunshine Act (the “Sunshine Act”), due in part to the large number of comments received in response to CMS’s December 19, 2011, proposed rules. Data collection by CMS will not start until at least January 1, 2013.

Continue reading “CMS Delays Data Collection Under ACA’s Physician Payments Sunshine Act to January 1, 2013”

Posted on by Duane Morris

CMS Releases New Medicare Advantage and Medicare Part D Rules, Implements Several Provisions of ACA

On April 12, 2012, the Centers for Medicare & Medicaid Services (“CMS”) released a final rule with comment period (“Final Rules”) implementing changes to the Medicare Advantage program and Medicare’s prescription drug benefit program, referred to as Medicare Parts C and D, respectively. Part C and D plan sponsors and other participants should carefully review the changes, particularly those related to increased transparency and exclusion from Parts C and D. The Final Rules are the latest effort by CMS to improve accountability, transparency, and effectiveness of the Medicare program.

Continue reading “CMS Releases New Medicare Advantage and Medicare Part D Rules, Implements Several Provisions of ACA”

© 2009-2025 Duane Morris LLP. Duane Morris is a registered service mark of Duane Morris LLP.

The opinions expressed on this blog are those of the author and are not to be construed as legal advice.

Proudly powered by WordPress