Data Privacy Rules Step Up to the Next Level

The Federal Trade Commission (“FTC”) recently proposed two amendments to the Privacy Rule and Safeguards Rule under the Gramm-Leach-Bliley Act (“GLBA”). The Safeguards Rule requires financial institutions to develop, implement, and maintain a comprehensive information security system. This rule went into effect in 2003. The Privacy Rule requires financial institutions to inform customers about their information-sharing practices and allows customers to opt out of having their information shared with certain third parties. This rule went into effect in 2000. The recent amendments to these two rules are intended to further protect consumers’ data from third parties. However, the changes could also adversely affect businesses.

Protecting PHI as the Health Care Industry Promotes Shift to TeleMedicine

At a time when much of the healthcare industry has shifted to incorporate telehealth and telemedicine, health care organizations and providers are faced with the upkeep of the growing influx of patient data and the challenges associated with their obligation to maintain patient privacy. These challenges become increasingly burdensome as providers strive to keep up to date with the advancement of technology. Healthcare organizations must maintain patient privacy through close monitoring of clouds, employee use of mobile devices, patient access to medical information and scheduling, and access to the provider networks through non-organizational devices. Maintaining the multiple platforms is costly, and the industry remains at risk due to the rising volumes of cybersecurity attacks and breaches. UConn Health recently experienced a data breach that necessitated notifying 326,000 people of potential impact to their protected health information (PHI), including names, dates of birth, address, billing information, and even Social Security numbers, due to potential access by an unauthorized person.

Lessons from Theranos

Theranos, the health-tech and medical lab startup, was once one of the most hyped companies to come out of Silicon Valley. In 2014, after catching the attention of high-profile investors, the company reached a valuation of $9 billion. Following several employee and journalistic leaks in 2015, however, the public began to see the company for what it was: a fraud. An October 3, 2016 Inside Compliance article titled “Theranos: New Compliance Program Hopes to Save the Company” was written following Theranos’ appointment of two outside executives to oversee regulatory, quality, and compliance standards. It is now clear that these efforts to save Theranos were too little, too late, but we see some useful takeaways from Theranos’ downfall. This article will explore the key lessons learned as they relate to leadership, ethics, and compliance.

The Shift from Sectoral to Comprehensive Data Protection in Thailand

Ever since the enactment of the General Data Protection Regulation in the European Union, data privacy and data protection have become hot topics for businesses and countries around the world. In the digital age, where personal data is constantly collected, processed, and used, the need for strong data collection regulations has never been more important. Many countries have begun to enact data protection laws, and the most recent comprehensive data protection act comes from Thailand. On February 28th, 2019, Thailand’s National Legislative Assembly approved the very first comprehensive data protection law in the country, the Thailand Personal Data Protection Act, which will be effective after a one-year transition period to help ensure compliance.

The Many Ethical Questions Arising from the Conduct of Michael Avenatti

By now, Michael Avenatti is a household name. He shot to fame in 2018 while relentlessly representing adult film actress Stormy Daniels in her pursuit of the invalidation of a 2016 non-disclosure agreement regarding an alleged affair with President Donald Trump. Avenatti is famously brash and confrontational, and since his rapid rise to fame, numerous allegations of professional misconduct have come to the public’s attention. While he has avoided formal discipline thus far, it seems like only a matter of time until Avenatti faces some consequences for his actions.

The Future of Online Prescribing

Telehealth allows for the delivery and facilitation of medical services through technology. It is rapidly evolving as the tech industry grows. Ten years after the passage of the Ryan Haight Act, the Drug Enforcement Agency (DEA) has still not taken any action to assist physicians in their usage of telehealth. Recently, Congress finally stepped in and passed a bill that requires the DEA to take action within the next year. But the question remains: will the DEA finally act, or continue its history of avoidance?

Proposed Changes to the Clinical Laboratory Improvement Amendments of 1988

The Department of Health and Human Services Center for Medicare and Medicaid Services has proposed a rule to update the proficiency testing (PT) regulations under the Clinical Laboratory Improvement Amendments of 1988 (CLIA). The new rule seeks to address current analytes (substances or constituents for which the laboratory conducts testing) and newer technologies. The rule would further make technical changes to the PT referral regulations to be more closely aligned with the CLIA statute.

HIPAA May Not Be Enough to Protect Our Health Information

On March 1, 2019, the College of Healthcare Information Management Executives (“CHIME”) sent a six-page letter to Congress which discussed how technology has impacted health care costs. CHIME believes that too much money is being allocated towards making sure that health care organizations are complying with the Office of Civil Rights (“OCR”) and the Department of Health and Human Services (“HHS”) requirements, while not enough resources are being given towards actually protecting against cybersecurity attacks. The letter contains multiple suggestions for how patient data could be better protected, such as incentivizing health care organizations to implement more cybersecurity safety measures. However, many of CHIME’s proposals would require Congress to amend multiple provisions in acts such as the Health Information Technology for Economic and Clinical Health Act of 2009 (“HITECH Act”).

The Ugly Side of Beauty: How Under-Regulation of Cosmetics Harmed Consumers for Decades

It is no secret that the beauty industry in America is frighteningly under-regulated. Cosmetics companies and beauty brands have managed to escape meaningful regulatory oversight for roughly a century and are largely left to self-regulate. In 2017, the global cosmetic products market was valued at $532 billion and is expected to reach a market value of $806 billion by 2023, registering a compound annual growth rate of 7.14%. Despite the colossal financial growth, regulatory shortcomings leave much to be desired by consumers. On the back of numerous scandals over harmful side effects and multi-million dollar class-action settlements, the FDA must grapple with renewed demand for cosmetics regulation as new beauty trends emerge.

Sunscreen Regulations: Providing Protection for Consumers and Difficulties for Manufacturers

In 2014, Congress passed the Sunscreen Innovation Act in the hopes of encouraging innovation for new sunscreen ingredients. Recently, the United States Food and Drug Administration (FDA) proposed new regulations regarding over-the-counter sunscreens to keep up with recent scientific and safety information. This proposal will be available for ninety days from its announcement on February 21, 2019, and addresses safety concerns of common sunscreen ingredients. Further, the proposal addresses the labeling of sunscreen, trying to make it easier for consumers to identify the product information. While this proposal seeks to alleviate safety concerns, the regulation could potentially make it more difficult for new ingredients to be approved.