K&L Gates Health Care Triage K&L Gates

In this two-part Triage series, Gina Bertolini, Stephen Page, and Sarah Staples-Carlton discuss an old health care regulatory doctrine that has new relevance in a post-COVID world, where the delivery of care via telemedicine and other remote models has become heavily adopted: Corporate Practice of Medicine, or “CPOM.” As more and more health care companies look for innovative ways to deliver healthcare, it can be easy for seasoned healthcare professionals and newcomers alike to discount or dismiss CPOM. While on its face it is a straightforward prohibition, it is important to understand the doctrine’s underlying philosophy and to appreciate its complexity, particularly how it varies from state to state. This is particularly the case where telehealth has become an established method for the delivery of care, and many new companies are entering the health care space. As health care entities, health IT solutions providers, and other companies seek to deliver care in one or more states, there are many health care regulatory considerations to consider, but CPOM should be at the top of the list. 
In part one of this series, Gina Bertolini, Stephen Page, and Sarah Staples-Carlton offer a brief primer on CPOM, answer some practical questions about its impact, and elaborate on its present-day relevance for health care providers and other companies.

In this two-part Triage series, Gina Bertolini, Sarah Carlins, and Jianne McDonald analyze two recent HHS initiatives that address cybersecurity risks to hospitals and health systems nationwide. Cybersecurity events involving our nation’s health care providers have precipitously risen in the past five years. The Department of Health and Human Services’ Office for Civil Rights (OCR) reports a nearly 300% increase in large data breaches that involve ransomware reported to OCR from 2018 to 2022. Interoperability remains a major government priority, and as remote care models continue to proliferate and the need intensifies for big data to feed increasingly complex technologies, risks to health care providers will continue to abound.  

In part two, Gina Bertolini and Sarah Carlins discuss HHS’s “Healthcare Sector Cybersecurity” report, which outlines HHS’s strategy for securing the digital infrastructure of our nation’s health care system. HHS’s strategy includes increased funding for support and enforcement of HIPAA’s Security Rule and the implementation of voluntary Cybersecurity Performance Goals, and HHS projects changes to HIPAA’s Security Rule coming in the Spring of 2024.

In this two-part Triage series, Gina Bertolini, Sarah Carlins, and Jianne McDonald analyze two recent HHS initiatives that address cybersecurity risks to hospitals and health systems nationwide. Cybersecurity events involving our nation’s health care providers have precipitously risen in the past five years. The Department of Health and Human Services’ Office for Civil Rights (OCR) reports a nearly 300% increase in large data breaches that involve ransomware reported to OCR from 2018 to 2022. Interoperability remains a major government priority, and as remote care models continue to proliferate and the need intensifies for big data to feed increasingly complex technologies, risks to health care providers will continue to abound.  

In part one of this series, Sarah Carlins and Jianne McDonald discuss recent OCR recommendations for healthcare providers and patients on cybersecurity measures when providing and receiving care via telehealth. They also discuss the federal government’s view that effective communication regarding the privacy and security of electronic health information is an important component of quality care in the telehealth setting. 

In this episode, Rebecca Schaefer, Michael Hinckle, and Elisabeth Lewis summarize FDA regulatory developments from 2023 and what to expect in 2024 as it relates to clinical research. They discuss the significance of the decentralized clinical trials guidance documents, highlights of the Informed Consent Guidance document, the impacts of FDA’s final rule on IRB waivers of consent, the IRB review of individual patient expanded access submissions, and the potential effects of the new proposed rule for lab developed tests.

In this episode, Alexa Sengupta and Cindy Ortega Ramos analyze the FDA’s latest guidance on informed consent regulations for clinical investigations. They discuss the basic elements of the consent form, documentation requirements for informed consent, and the impacts of the guidance for IRBs, clinical investigators, and sponsors.

In this episode, Rebecca Schaefer and Martin Folliard discuss cybersecurity threats faced by health care organizations and a new federal research agency initiative to help create security tools to protect the US health care system from cyberattacks.