If an entity that offers a personal health record identifies a breach of information in that record, it is required to provide notice to each impacted individual and to the FTC within 60 calendar days of discovery.
Yesterday, the FTC issued a policy statement announcing a new interpretation of the FTC’s 10-year-old “Personal Health Record Breach Notification Rule.” As the FTC acknowledges, this rule has never been enforced by the FTC. The FTC’s announcement indicates its intention to begin enforcing this rule, which allows the FTC to assess penalties of $43,792 per day of violation.
Continue reading “Zombie PHR Breach Rule Rises From the Dead”
Expanded use of Electronic Health Records (EHRs) is an integral component of the ongoing modernization of the U.S. health care system through digitalization. Among the anticipated advantages of using EHRs are improvements in patient care (e.g., through faster access to relevant information and consequently improved care coordination), increased patient engagement, as well as reduction of medical errors and cost savings. On the other hand, implementing EHRs in a sustainable and legally compliant way requires upfront investment in hardware, software, training, workflow restructuring, as well as management of risks unique to electronic records, such as vulnerability to malicious interference. When EHRs are combined with mobile platforms, the cybersecurity risks multiply. Addressing this latest challenge can be daunting, both for medical practices and EHR product providers.
Continue reading “Security Recommendations for Mobile Health Apps”
The Centers for Medicare and Medicaid Services (CMS) recently released their Final Rule for the Promoting Interoperability Program formerly known as the Medicare and Medicaid Electronic Health Record Incentive Programs.
CMS had previously published a Proposed Rule and a request for feedback from the public related to improving interoperability and the sharing of electronic medical records between providers, and between providers and patients, which we covered in a May blog post. CMS has stated that the purpose of the Final Rule is to “advance the agency’s priority of creating a patient-centered health care system by achieving greater price transparency, interoperability, and significant burden reduction so that hospitals can operate with better flexibility and patients have what they need to be active healthcare consumers.”
Continue reading “CMS Releases Final Rule for Promoting Interoperability Program”
The Centers for Medicare and Medicaid Services (CMS) recently released its Proposed Rule that, in major part, rebrands the previously known Medicare and Medicaid Electronic Health Records (EHR) Incentives Program into the Promoting Interoperability Program. The rebrand shifts the focus of the program to ensure that providers facilitate patient access to their own health data, and limit the burden on health care providers when it comes to monitoring clinical care using health technology.
Continue reading “CMS Proposed Rule, Rebranding of Medicare and Medicaid Electronic Health Records Incentives Program Shifts Focus to Interoperability and Patient Access”
Singapore’s Ministry of Health (MOH) recently drafted a new Healthcare Services (HCS) Bill aimed to bridge the gap between the country’s changing healthcare needs and technological advances. According to the MOH, the healthcare landscape in Singapore is undergoing significant changes, including an ageing population, increased chronic disease prevalence, and advancements in medicine and health technologies. The HCS Bill will “better safeguard the safety and well-being of patients, while enabling new and innovative services that benefit patients to be developed, in the changing healthcare environment.”
Currently, healthcare providers in Singapore are licensed and regulated under the Private Hospitals and Medical Clinics Act (PHMCA), which was designed to protect patient safety through the licensing of physical healthcare premises. But, brick and mortar locations are quickly becoming a thing of the past as more and more healthcare services are delivered through mobile and online channels. MOH intends to respond to this shift by repealing the PHMCA and replacing it with this new HCS Bill.
Continue reading “Singapore Addresses Confidentiality of Electronic Patient Records in New Healthcare Services Bill”