On September 25, 2020, California Governor Gavin Newsom signed into law California AB 713, which amends the California Consumer Privacy Act (CCPA) to except from its requirements certain health information, including information that has been de-identified in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The bill’s enactment eases some of the CCPA compliance challenges experienced by the health care and life sciences industries by more closely aligning the CCPA with HIPAA and other laws governing human subjects research. The new law also amends the CCPA to except all business associates to the extent that they maintain, use or disclose patient information in the same manner as protected health information under HIPAA. Access the article.
The Toughest Problem Set: Navigating Regulatory and Operational Challenges on University Campuses
Because widespread, rapid COVID-19 testing remains unavailable in many locations, universities have had to find innovative ways to implement testing, tracing and isolation protocols to reduce the risk of transmission among students, faculty and staff. There is no one perfect protocol—all universities are in unchartered waters. But there are a few key components university administrators may want to consider and address. Access the article.
Worker Safety, Privacy Clash as Temperature Checks Become Norm
Employers are poised to collect health data from their workforces daily as they adopt temperature checks and other screening protocols to fight the coronavirus, triggering concerns about workers’ privacy and whether the practices will continue beyond the pandemic. “The temperature checks give employees and customers the feeling of safety and the idea that the company is doing everything possible, even if the screenings don’t protect the workplace,” said Michael Sheehan, a partner with McDermott Will & Emery, in a recent Bloomberg Law article. Access the full article.
COVID-19: FAQs on Employees Experiencing Symptoms and Employee Absences
With rapid developments in local, state and federal guidance and law, the appropriate approach for each employer in relation to COVID-19 will vary depending on the nature of their work, the industries served and their location and size, among other considerations. This article outlines what employers need to know about employees experiencing symptoms and employee absences. Access the full article.
Five Reasons Why Telehealth Is Here to Stay (COVID-19 And Beyond)
Telehealth is no longer just a nice-to-have, but instead a must-have for patients and healthcare professionals alike during the COVID-19 pandemic. Lisa Mazur, partner at McDermott Will & Emery specializing in the digital healthcare space, is quoted in a recent Forbes article about why telehealth is here to stay: “Telehealth was already experiencing significant momentum and growth prior to this public health emergency, and its continued trajectory has been solidified by the vital role it is playing in care delivery today.” Access the full article.
CARES Act Impacts All Benefit Plans
In the ongoing effort to help individuals impacted by COVID-19, Congress passed the Coronavirus Aid, Relief, and Economic Securities Act (CARES Act) on March 27, 2020. The President signed the CARES Act into law the same day. The historic stimulus package provides wide-ranging relief for both employers and employees. This includes rules that impact health and welfare, retirement and executive compensation plans and programs. For more information about the impact of the CARES Act on employer-provided benefits, access our On the Subject articles on the: Impact of the CARES Act on Health and Welfare Benefits Impact of the CARES Act on Retirement Plans and Student Loan Benefits Impact of the CARES Act on Executive Compensation In addition, for information about the frequently asked questions regarding health and welfare, retirement and executive compensation issues in the COVID-19 era, access our FAQs.
HIPAA Boss Sees ‘Low-Hanging Fruit’ Ripe For Enforcement
Healthcare providers and insurers are still making tons of rookie mistakes on patient privacy, turning themselves into easy enforcement targets, according to Roger Severino, director of the US Department of Health and Human Services. Severino made headlines in 2017 for expressing interest in punishing a "big, juicy, egregious" privacy breach, and seemingly followed through with a $16 million settlement stemming from Anthem Inc.'s megabreach involving 79 million patients. But, an emphasis on smaller violations makes sense in light of the OCR's recent acknowledgement of limits on its penalty powers, said Edward G. Zacharias, a McDermott partner. Access the full article. Originally posted on Law360, February 2020
New Podcast: Whose Data Is It Anyway? Collaboration in Digital Health
The demand for healthcare innovation is driving collaboration between formerly disparate healthcare companies and bringing in new players, such as technology companies and start-ups, into an already complex space. As companies build partnerships and pool resources—particularly healthcare data—data ownership presents numerous challenges that need to be addressed throughout the lifecycle of the collaboration. In this episode of the Of Digital Interest, podcast McDermott partners Jiayan Chen and Jennifer S. Geetter explore: Key concerns for companies executing data-driven collaborations Consumer expectations surrounding data use, data privacy and their impact on digital health collaborations The role of HIPAA and federal and state regulators in regulating data use Common questions about secondary use and identifiable and de-identified data Commercialization strategies and “green flags” for identifying the right collaboration partner Click here to listen to this...
Vetting Relationships for Telemedicine Collaborations
As the telemedicine regulatory and reimbursement environment becomes more cohesive and providers and patients alike embrace technology, opportunities for telemedicine collaborations are likely to grow. Like any collaboration, finding the right partner is crucial for success, particularly at the highly scrutinized intersection of healthcare and technology. This post explores the factors to address when evaluating service providers and vendors for your next telemedicine collaboration. Access the full article.
2018 Digital Health Data Developments – Navigating Change in 2019
Data privacy and security legislation and enforcement saw significant activity in 2018 and early 2019. McDermott’s 2018 Digital Health Year in Review: Focus on Data report – the first in a four-part series – highlights notable developments and guidance that health care providers, digital health companies and other health care industry stakeholders should navigate in 2019. Here, we summarize four key issues that stakeholders should watch in the coming year. For more in-depth discussion of these and other notable issues, access the full report. EU General Data Protection Regulation (GDPR) enhances protections for certain personal data on an international scale. US-based digital health providers and vendors that either (a) offer health care or other services or monitor the behavior of individuals residing in the EU, or (b) process personal data on behalf of entities conducting such activities should be mindful of the GDPR’s potential applicability to their...