42 CFR Part 2 | Legal Health Information Exchange

Battle of the Bots Continues…Fourth Circuit Affirms Preliminary Injunction Against PointClickCare

by Krystyna Monticello | Mar 25, 2025 | 42 CFR Part 2, Data Breach Laws, HIPAA Privacy

Continuing the saga of Real Time and PointClickCare in the battle of the bots, the U.S. 4th Circuit recently affirmed a preliminary injunction granted in favor of Real Time against PointClickCare, finding, among other things, that PointClickCare was unable to meet a burden of proof that it met its claimed Exceptions to Information Blocking. Therefore, documentation will be critical for actors who may find themselves having to defend similar claims.

NOW LIVE! The Updated 42 C.F.R. Part 2 Helper is Available!

by Helen Oscislawski | Mar 2, 2025 | 42 CFR Part 2, Data Breach Laws, Privacy & Consent, Tools & Resources

The wait is finally over!! Our brand-new, UPDATED 42 C.F.R. Part 2 Helper compliance package is now live for current members of Legal HIE. Loaded with carefully crafted checklists, tools, sample forms, policies, and training resources, all updated for the Part 2 Final Rule, it’s just what the doctor ordered for every organization to stay miles ahead of the February 16, 2026 compliance deadline! Read our new blog post for more information about what’s included with our Part 2 Helper and to get access to a sample checklist to update your Part 2 consents!

Tick Tock: The 42 CFR Part 2 Compliance Clock is Counting Down!

by Helen Oscislawski | Feb 16, 2025 | 42 CFR Part 2, Privacy & Consent, Tools & Resources

One year. That’s all the time left before the February 16, 2026 compliance deadline for the 42 CFR Part 2 Final Rule officially arrives. If you haven’t started preparing yet, now is the perfect time to get things in motion. One of the most challenging aspects of Part 2 implementation is the new consent structure. While the new consent for treatment, payment, and health care operations (“TPO consent”) introduces opportunities for improved data sharing and alignment with HIPAA, it is also complex and requires careful implementation. To help navigate these changes, today’s post offers readers a checklist of the key elements required in Part 2 consents.

The Winding Road of Changes to 42 CFR Part 2

by Helen Oscislawski | Feb 1, 2025 | 42 CFR Part 2

Over the years, 42 CFR Part 2 has traveled a winding road of amendments and updates—beginning with the 2016 Proposed Rule and continuing through a series of updates, each one modernizing how Part 2 information is shared while preserving essential privacy safeguards. Today’s post offers a chronological list of these rulemakings, each with its own executive summary.

HAPPY NEW YEAR! A LOT will be happening in 2023!

by Helen Oscislawski | Jan 1, 2023 | 42 CFR Part 2, Health IT, HIPAA, Lawsuits, Other

The New Year is finally here, and I believe that there will be a LOT going on in 2023! Here are just a few of the things that Legal HIE is looking to stay on top of for our readers this year . . .

Are We Getting Closer to Alignment of 42 CFR Part 2 & HIPAA?

by Helen Oscislawski | Nov 29, 2022 | 42 CFR Part 2, HIPAA, Legislation & Rulemaking, Privacy & Consent

SAMHSA finally fulfilled its duty under the CARES Act & releases a Proposed Rule “Confidentiality of Substance Use Disorder (SUD) Patient Records” amending the Part 2 rules in line with the CARES Act’s requirements. This is the 4th overhaul of the Part 2 Rule in 5 years…

A Look Ahead to 2021

by Helen Oscislawski | Jan 18, 2021 | 42 CFR Part 2, HIE & HIN, HIPAA, Information Blocking

The new year has much in store for electronic health information exchange compliance! Today’s post provides an overview of anticipated changes to the health information regulatory landscape in 2021, including increased interoperability efforts and telehealth expansion due to the coronavirus pandemic. It is not surprising that many of the topics discussed below are a direct result of the interoperability requirements created by the 21st Century Cures Act (“Cures Act”) enacted in December 2016.

Our Stockings are Stuffed with Compliance Tools

by Helen Oscislawski | Dec 23, 2020 | 42 CFR Part 2, GDPR, HIE & HIN, HIPAA, Legislation & Rulemaking

Seasons Greetings to all of our readers! First, we want to wish you and yours a holiday season filled with health, happiness and hope! We also want to thank you all for continuing to make Legal HIE such a popular and highly visited blog! It puts a smile on our face seeing so many of you enjoying our posts and returning to our site often!

As stockings are being hung by chimneys with care, we want to make sure you know that Legal HIE’s stockings are absolutely stuffed to the brim with tremendous tools, sample forms, polices and turn-key solutions that can help your organization stay on top of the most pressing compliance challenges, and ever-changing healthcare regulatory landscape. 2021 promises to be a year with many new and final regulations going into effect, and being released. The Legal HIE compliance library was created specifically for this purpose – to help busy and overwhelmed compliance officers and attorneys keep up with these changes by offering turn-key samples and solutions as a solid starting point.

Big Changes to Big Breaches of Data and Notification Requirements Coming Soon!

by Helen Oscislawski | Aug 21, 2020 | 42 CFR Part 2, Data Breach Laws, Legislation & Rulemaking

Yesterday, the period for public comment on the FTC’s Health Breach Notification Rule closed. The FTC’s Health Breach Notification Rule requires vendors of PHRs and PHR-related entities to notify the FTC if they experience a breach of security involving unsecured health information. Another area of change to Breach Notification is arising out of the CARES Act which was was enacted into law on March 27, 2020 and is making significant changes 42 C.F.R. Part 2. Among other changes that the CARES Act is introducing, it creates an entirely new obligation on Part 2 providers to notify SAMHSA of uses and disclosures of Part 2 data in any manner not authorized under Part 2! To date, 42 CFR Part 2 did NOT include an independent obligation to report or notify any agency (i.e., SAMHSA or HHS) of any use or disclosure of Part 2 information which was in violation of 42 CFR Part 2.

Changes on the Horizon for Part 2 Confidentiality Regulations

by Krystyna Monticello | May 22, 2020 | 42 CFR Part 2, HIE & HIN, Legislation & Rulemaking, Privacy & Consent

As part of its comprehensive COVID-19 response, Congress quietly passed through changes to the federal drug and alcohol confidentiality framework known as “Part 2” under the CARES Act, enacted on March 27. One of the more underreported components of the CARES Act, the changes do not completely overhaul the Part 2 regulations, however, they relax several restrictions that health care providers have struggled with, particularly in the electronic exchange and electronic health records (“EHR”) context (the “CARES Act Changes”).

SAMHSA Public Session to Discuss Part 2 Regulations & HIE

by Helen Oscislawski | Jun 10, 2014 | 42 CFR Part 2, HIE & HIN, Privacy & Consent

SAMHSA Public Session to Discuss Part 2 Regulations & HIE The Part 2 regulations which govern and protect information created by drug and alcohol rehabilitation providers have caused challenges for electronic health information exchange ever since HIE became a household term (….ok, well at...

Drug and Alcohol Treatment Info “Ok” to Go

by Helen Oscislawski | Oct 15, 2010 | 42 CFR Part 2, HIE & HIN, Privacy & Consent

Drug and Alcohol Treatment Info “Ok” to Go Over the summer, the ONC and SAMHSA (Substance Abuse and Mental Health Services Administration) held a session to discuss the application of the Substance Abuse Confidentiality Regulations to electronic health information exchange through HIOs...

Battle of the Bots Continues…Fourth Circuit Affirms Preliminary Injunction Against PointClickCare

The Winding Road of Changes to 42 CFR Part 2

HAPPY NEW YEAR! A LOT will be happening in 2023!

A Look Ahead to 2021

Big Changes to Big Breaches of Data and Notification Requirements Coming Soon!

Join our FREE mailing list and receive the latest blog posts from Legal HIE.

You have Successfully Subscribed!

Archives

Categories

Join our FREE mailing list and receive the latest blog posts from Legal HIE.

You have Successfully Subscribed!

Archives

Categories

Success!