Lessons Learned from Real Time vs. PointClickCare: Mind your Information Blocking Ps and Qs

Lessons Learned from Real Time vs. PointClickCare: Mind your Information Blocking Ps and Qs

A federal district judge has granted preliminary injunctive relief to Real Time Medical Systems, Inc. (“Real Time”) barring the defendant, PointClickCare (“PCC”), from deploying unsolvable CAPTCHAs that interfered with Real Time’s ability to access the data of its skilled nursing facility customers that utilized PCC. As Judge Xinis wrote in the opinion, “No evidence supports that PCC had any legitimate good faith use for wholly inscrutable CAPTCHAs which, by definition, blocked Real Time from getting the very records it needs to exist….But even more damning is the timing of such deployments, which support that PCC used those CAPTCHAs as a device to hamstring or eliminate Real Time as a competitor.” Keep reading for additional details regarding Real Time’s complaints against PointClickCare.

Update: On August 19, 2024, PointClickCare filed a Motion to Expedite Appeal with the United States Court of Appeals for the Fourth Circuit.

read more
Meet New Jersey’s Brand New Data Privacy Act and Its Impact on Healthcare Organizations & Others

Meet New Jersey’s Brand New Data Privacy Act and Its Impact on Healthcare Organizations & Others

The New Jersey Data Privacy Act (NJDPA) was enacted on January 16, 2024. Although PHI collected by a HIPAA CE or BA is excluded from the NJDPA HIPAA CEs and BAs are NOT wholly excluded from compliance with the NJDPA. Also, HHS’ recent problematic interpretation that IP addresses collected by a healthcare provider’s website may be PHI adds even more complexity in interpreting the NJDPA.

read more
CMS Releases Hospital COP Event Notification FAQs; Interpretive Guidance

CMS Releases Hospital COP Event Notification FAQs; Interpretive Guidance

On May 1, modifications to the Medicare Conditions of Participation (“CoPs”) went into effect, requiring certain electronic event notifications for admissions, discharges and transfers (“ADTs”) to and from hospitals, critical access hospitals and psychiatric hospitals. To provide guidance to hospitals and state surveyors, CMS released several FAQs as well as interpretive guidance last week to be published in the State Operations Manual.

Hospitals are required to make a “reasonable effort” to ensure that notifications are sent to post-acute care services providers and suppliers, and other practitioners and entities, which need such notifications for treatment, care coordination or quality improvement. Under the new CoP, ADT notifications must be sent for all emergency department and inpatient patients where the hospital, critical access hospital or psychiatric hospital maintains an electronic medical record or administrative system.

read more
CMS Extends Publication Deadline for Stark Law Changes

CMS Extends Publication Deadline for Stark Law Changes

At the last hour, CMS extended the deadline for publishing much anticipated changes to the Stark Law. Originally expected for publication this past August, CMS extended the deadline to August 2021, noting that “… we are still working through the complexity of the issues raised by comments received on the proposed rule and therefore we are not able to meet the announced publication target date.” Together with the OIG’s counterpart rule, the proposed rules contain the potential for significant modernization of the Stark Law and Anti-kickback Statute as part of the “Regulatory Spring to Coordinated Care” as well as increased alignment and coordination between the two sets of laws.

read more
Moving Forward after Privacy Shield’s Invalidation

Moving Forward after Privacy Shield’s Invalidation

On July 16, the Court of Justice of the European Union (“CJEU”) invalidated the Privacy Shield, one of the primary mechanisms used by companies to lawfully transfer personal data outside of the European Union under the GDPR. Despite a prior adequacy determination in 2016, the CJEU found that shortcomings in the Privacy Shield, particularly U.S. security and surveillance laws and an ineffective Ombudsperson program, resulted in a failure to provide essentially equivalent protections to those afforded to individuals within the European Union.

read more
Mind your Breach Insurance and Vendor Contracts

Mind your Breach Insurance and Vendor Contracts

A preliminary class action data breach settlement involving UnityPoint Health should prompt health care organizations to take a second look at their breach insurance coverage as well as their contracts with vendors who process data on their behalf. Adequate cyber and breach insurance coverage is paramount and should be commensurate with the health care organization’s size, operations. Additionally, health care organizations should pay close attention to their vendor contracts, particularly limitation of liability clauses, hold harmless provisions and indemnification provisions in health IT and other contracts.

read more
CMS Issues Telehealth Encounter Guidance for Quality Reporting Programs

CMS Issues Telehealth Encounter Guidance for Quality Reporting Programs

New telehealth encounter guidance is available for the Promoting Interoperability Programs and Quality Payment Program. There are 42 telehealth codes eligible for inclusion within the eligible professional/eligible clinician eCQMs for the 2020 performance period. For the 2021 performance period, 39 telehealth codes would be eligible, however, there are also additional eCQMs identified as not eligible for telehealth encounters.

read more
CMS Extends Publication Deadline for Stark Law Changes

Changes on the Horizon for Part 2 Confidentiality Regulations

As part of its comprehensive COVID-19 response, Congress quietly passed through changes to the federal drug and alcohol confidentiality framework known as “Part 2” under the CARES Act, enacted on March 27.   One of the more underreported components of the CARES Act, the changes do not completely overhaul the Part 2 regulations, however, they relax several restrictions that health care providers have struggled with, particularly in the electronic exchange and electronic health records (“EHR”) context (the “CARES Act Changes”).

read more
CMS Continues COVID-19 Assistance for the Promoting Interoperability and Quality Payment Programs

CMS Continues COVID-19 Assistance for the Promoting Interoperability and Quality Payment Programs

As hospitals and providers continue to struggle in response to the COVID-19 pandemic, CMS has announced several efforts to provide assistance under the Promoting Interoperability Programs and Quality Payment Program. 

For the Quality Payment Program, CMS had previously extended the deadline for MIPS eligible clinicians to submit data and reopened the application period for MIPS eligible clinicians to file for a hardship exception for the 2019 payment year.  Additionally, CMS announced that any individual MIPS eligible clinician who did not submit data or which submitted data for only one performance category for the 2019 payment year by April 30 will automatically receive a neutral payment instead of a negative payment adjustment (this “extreme and uncontrollable circumstances” policy is not available to groups/virtual groups). If a MIPS eligible clinician is able to submit data, CMS noted that the data submission would override the automatic “extreme and uncontrollable circumstances” policy and the clinician could be eligible for negative, neutral or positive payment adjustments based on the data submission. 

read more

Archives