Recent Blog Posts
- Supreme Court: The ACA & Risk Corridor Obligations The U.S. Supreme Court decision today in Maine Community Health Options v. United States, is a major decision affecting healthcare and resolving a significant Obamacare dispute. The Affordable Care Act famously established online exchanges where insurers could sell their healthcare plans. It included the now-expired “Risk Corridors” program aimed to limit the plans’ profits and losses during the exchanges’ first three years (2014-16). The Act contained a formula for computing a plan’s gains or losses at the end of each... More
- AT&T/Time Warner Merger Approval Will Spur Vertical Mergers in Health Care Tuesday’s decision by Judge Richard Leon of the U.S. District Court for the District of Columbia categorically approving the merger of AT&T and Time Warner, without imposing any conditions or limitations and rejecting granting a stay for appeal purposes, will, unless blocked if there is an appeal, open the way for a series of pending vertical merger deals.
A “vertical merger” is a merger of two companies that do not compete and that are at different levels of the product or... More
- NIST Seeks Comments on Cybersecurity Standards for Patient Imaging Devices The National Institute of Standards and Technology (“NIST) has announced that it will be seeking industry input on developing “use cases” for its framework of cybersecurity standards related to patient imaging devices. NIST, a component of the Department of Commerce, is the agency assigned to the development and promulgation of policies, guidelines and regulations dealing with cybersecurity standards and best practices. NIST claims that its cybersecurity program promotes innovation and competitiveness by advancing measurement science, standards, and related technology in... More
- OCR Pronouncement on Ransomware Breach Notification May Make You “Wanna Cry” Last week’s “WannaCry” worldwide Ransomware attack was particularly targeted against international health organizations. Though the attack was thwarted not without a little good luck and less financial loss that might have been predicted, it unsurprisingly triggered responses from U.S. government agencies including the Department of Homeland Security (DHS) and, with specific reference to health care providers, the Office of Civil Rights (OCR) of the Department of Health & Human Services (HHS). It also is no surprise that these government agencies... More
- Executive Order Addressing Cybersecurity Amidst FBI Uproar Surprisingly amidst the Federal Bureau of Investigation (FBI) uproar, President Trump today signed an executive order addressing cybersecurity for the federal government and critical infrastructure, along with international coordination and cyber deterrence. The substance of the order, which is about to be made public, comes from various press releases and interviews with administration officials. The order is composed of three sections on cybersecurity and IT modernization within the federal government, protecting critical infrastructure, and establishing a cyber deterrence policy and... More
- The First Hundred Days and Cybersecurity Executive Order Delay Trumps Administration Policy Development
President Trump’s first hundred days did not produce the event that most people in the cybersecurity community expected – a Presidential Executive Order supplanting or supplementing the Obama administration’s cyber policy – but that doesn’t mean that this period has been uneventful, particularly for those in the health care space.
The events of the period have cautioned us not to look for an imminent Executive Order. While White House cybersecurity coordinator Robert Joyce recently stated... More
- Compliance Enforcement Pressure is Increasing for Directors Both the Department of Justice and the Department of Health and Human Services Inspector General have long urged (and in many cases, mandated through settlements that include Corporate Integrity Agreements and through court judgments) that health care organizations have “top-down” compliance programs with vigorous board of directors implementation and oversight. Governmental reach only increased with the publication by DoJ of the so-called Yates Memorandum, which focused government enforcers on potential individual liability for corporate management and directors in fraud cases.... More
- A Perilous “Advice of Counsel” Defense Results in Disclosure, Not Only of Attorney/Client Communications, but of Attorney Work Product Material as Well Frequently, parties in both civil and criminal cases where fraud or corporate misconduct is being alleged attempt to defend themselves by arguing that they lacked unlawful intent because they relied upon the advice of counsel. Such an assertion instantly raises two fundamental questions: 1) what advice did the party’s attorney actually give?; and 2) what facts and circumstances did the party disclose, or fail to disclose, in order to obtain that opinion? It is well understood that raising an advice... More
- Sharing Cyber Threat Information The Information Sharing and Analysis Organization-Standards Organization (ISAO-SO) was set up under the aegis of the Department of Homeland Security pursuant to a Presidential Executive Order intended to foster threat vector sharing among private entities and with the government. ISAOs are proliferating in many critical infrastructure fields, including health care, where cybersecurity and data privacy are particularly sensitive issues given HIPAA requirements and disproportionate industry human and systems vulnerabilities. Therefore, in advising their companies’ management, general counsel and others might... More
- Supreme Court: False Claims Act & Materiality Requirement The U.S. Supreme Court has rendered a unanimous decision in the hotly-awaited False Claims Act case of Universal Health Services v. United States ex rel. Escobar. This case squarely presented the issue of whether liability may be based on the so-called “implied false certification” theory. Universal Health Service’s (“UHS) problem originated when it was discovered that its contractor’s employees who were providing mental health services and medication were not actually licensed to do so. The relator and government alleged that... More