HIPAA & Health Information Technology Blog

William Maruca, Michael Kline and Elizabeth Litten maintain a blog that provides information regarding current legal and practical issues that health care providers and business must consider with regard to the exchange of health information, including the use of electronic health records (EHR). The HIPAA Privacy Rule and Security Rule requirements are among the legal standards with which there must be compliance when utilizing EHR, as well as sharing and exchanging health information in general. This blog also considers possible solutions to maneuver the legal and other barriers to establishing an EHR system and infrastructures for the beneficial exchange of health information.

View the HIPAA & Health Information Technology Blog

Physician Law Blog

Todd A. Rodriguez and Edward J. Cyran maintain a blog that can be used as a resource for current legal issues and news affecting physicians and other non-institutional health care providers. Their blog provides updates on new legislation and legal issues relating to practice management, billing and coding, ancillary services, malpractice insurance, fraud and abuse developments and other important legal issues affecting physicians in their personal and professional lives.

View the Physician Law Blog

Recent Blog Posts

  • Healthcare Facility Policies in the Age of Medical Marijuana On Fox’s In the Weeds blog, associate Richard Holzworth discussed the influx of patients registering for the Pennsylvania Medical Marijuana Program, and provided an overview of key policy and procedure updates that PA’s healthcare facilities, including hospitals and long-term care providers, should adopt: Despite Pennsylvania’s medical marijuana industry being in its infancy, more than 17,000 patients have registered for the program, and more than 4,000 already have received their medical marijuana card from the Department of Health. Now that cannabis products have burst onto... More
  • A Movement to Consider: Telepsychiatry in New York State In a post on February 28, Fox associate Kristen Marotta discussed the privacy and security issues arising from the growing use of telemedicine, particularly for mental health treatment. Now on the firm’s Physician Law blog, Kristen continues her discussion of telepsychiatry by diving into recent developments in New York State surrounding the innovative practice model. Kristen notes new funding from the New York Office of Mental Health to expand its use, and breaks down the OMH regulations that psychiatrists and physicians will need... More
  • A Movement to Consider: Telepsychiatry in New York State Kristen Marotta writes: Recently on Fox’s HIPAA & Health Information Technology blog, we discussed the privacy and security issues arising from the growth of telemedicine, as well as the general benefits that such growth could have for recent medical graduates. Now, with more funding and attention being given to telemedicine, new physicians will have the opportunity to make a difference in rural health care and move the industry into an entirely new direction. In New York, recent funding has been made available... More
  • Involuntary Commitment Laws and Privacy Restrictions In a recent New York Times op-ed piece entitled “How a Bad Law and a Big Mistake Drove My Mentally Ill Son Away,” the father of a young man involuntarily hospitalized under Florida’s Baker Act decries “privacy laws” for limiting his access to information about his son’s whereabouts and care.   If this account is accurate, it highlights the widespread confusion that surrounds  health care providers’ communication with family members. The article’s author, Norman Ornstein, describes a disturbing incident in which his... More
  • Perks and Tips for the Recent Medical Graduate: Telemedicine and HIPAA On the firm’s HIPAA & Health Information Technology blog, associate Kristen Marotta discussed the privacy and security issues arising from the growing use of telemedicine, particularly for mental health treatment. Kristen examines the myriad considerations doctors should address in setting up a telemedicine model for their practices, and notes federal funding recently made available via New York State’s Office of Mental Health to expand the use of mental health-focused telemedicine in the state. We invite you to read Kristen’s piece, and stay tuned... More
  • Perks and Tips for the Recent Medical Graduate: Telemedicine and HIPAA Kristen Marotta writes: Many believe that educated millennials are choosing to work in urban, rather than rural areas, during their early career due to societal milestones being steadily pushed back and the professional opportunities and preferences of a young professional. Recent medical school graduates are a good example of this dichotomy. The shortage of physicians in rural areas is a well-known phenomenon. Over the years, locum tenens staffing has helped to soften the impact and, recently, so has telemedicine. The growing prevalence... More
  • Apple’s Entry to the EHR Business Last month, Apple issued a long awaited announcement of their move into the medical records field, by debuting new functions in the updated Health app for the iOS 11.3 beta, allowing users to view and aggregate their medical records on their iPhones. The new “Health Records” features within the Health app brings together hospitals, clinics and the existing Health app to make it easy for consumers to see their available medical data from multiple providers whenever they choose. Now, consumers will... More
  • A Physician’s Guide to Navigating Medical Marijuana Registration This piece originally appeared in the February 2018 issue of the Allegheny County Medical Society Bulletin. Richard L. Holzworth writes: In April 2016, Gov. Tom Wolf signed into law Pennsylvania’s compassionate medical cannabis legislation (Act 16), effectively legalizing medical marijuana in the Commonwealth. Since that time, the Pennsylvania Department of Health (DOH) has awarded 12 licenses to grow medical marijuana and 27 licenses to operate medical marijuana dispensaries. It is anticipated that the grow operations and dispensaries will be open for business... More
  • Beware: HIPAA Applies to the Health Plans You Never Knew You Had (Part 2: Wellness Programs) Many employers who offer wellness programs to their employees may not have considered compliance with HIPAA privacy, security and breach notification rules (collectively, “HIPAA Rules”), since they don’t think of their wellness programs as a group health plan. Part 1 of this post covered why most employee assistance programs (“EAPs”) are subject to the HIPAA Rules. This part discusses wellness programs. As with EAPs, wellness programs must comply with the HIPAA Rules to the extent that they are “group health... More
  • Beware: HIPAA Applies to the Health Plans You Never Knew You Had (Part 1: Employee Assistance Programs) You may be surprised to learn that those “extra” benefits your company offers to its employees such as your employee assistance program (“EAP”) and wellness program likely are subject to the HIPAA privacy, security and breach notification rules (collectively, “HIPAA Rules”). Part 1 covers why most EAPs are subject to the HIPAA Rules. Part 2 will discuss wellness programs. In both cases, EAPs and wellness programs must comply with the HIPAA Rules to the extent that they are “group health... More
  • Effect of the Sessions Memorandum on State Medical Marijuana Programs Earlier this month, Attorney General Jeff Sessions issued a Memorandum rescinding the Obama Administration’s “hands off” policy with respect to the prosecution of licensed cannabis distribution in states where medical or recreational marijuana are legalized.  Our sister blog, “In the Weeds” has covered the issuance of this new Memorandum extensively, including how it may affect state medical marijuana programs around the country. So far, U.S. Attorneys in many of the states that have legalized medical marijuana (including Pennsylvania) have made public... More
  • The President Can Tweet, But Can a Doctor Text? Text messaging is a convenient way for busy doctors to communicate, but for years, the question has remained: are doctors allowed to convey sensitive health information with other members of their provider team over SMS? The answer is now “yes,” thanks to a memo published last week by the U.S. Department of Health & Human Services (HHS), Centers for Medicare & Medicaid Services (CMS).   The memo clarifies that “texting patient information among members of the health care team is permissible... More
  • HIPAA Updates – Mistakes to Avoid in 2018 and Guidance on Disclosing PHI related to Substance Abuse and Mental Illness Fox Rothschild’s HIPAA & Heath Information Technology Blog recently published two posts directly relevant to physicians and medical practices.  The first post, 5 Common HIPAA Mistakes to Avoid in 2018, addresses some typical misconceptions regarding disclosure of protected health information (PHI) and offers some ideas regarding how to avoid them. The second post, New HIPAA Guidance on Disclosure of PHI related to Opioid Abuse and Mental Health, touches on the most recent HIPAA guidance released by the U.S. Department of Health and Human Services,... More
  • New HIPAA Guidance on Disclosure of PHI Related to Opioid Abuse and Mental Health In our most recent post, the Top 5 Common HIPAA Mistakes to Avoid in 2018, we noted that the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) has recently published guidance on disclosing protected health information (PHI) related to overdose victims. OCR published this and other guidance within the last two months in response to the Opioid Crisis gripping the nation and confusion regarding when and to whom PHI of patient’s suffering from addiction or mental... More
  • Top 5 Common HIPAA Mistakes to Avoid in 2018 Heading into its 22nd year, HIPAA continues to be misunderstood and misapplied by many, including health care industry professionals who strive for (or at least claim the mantle of) HIPAA compliance. Here is my “top 5” list of the most frequent, and most frustrating, HIPAA misperceptions seen during 2017: “If I’m using or disclosing protected health information (PHI) for health care operations purposes, I don’t need a Business Associate Agreement.” Yes, HIPAA allows PHI to be used or disclosed for treatment, payment and... More