Healthcare has now surpassed nuclear power and financial services as the most highly regulated industry in the U.S. - and for good reason. The health, safety, and privacy of individual patients and the public at large is at stake.
For better or for worse, there exists a complex web of local, state, and federal laws and regulations that govern the businesses of healthcare providers and healthcare companies - from patient safety and privacy protections, to corporate transactions and contractual relationships. Navigating this complicated landscape requires a deep understanding of the risks and opportunities inherent in the healthcare industry—namely, it requires an experienced healthcare attorney.
On May 31, 2017, the U.S. Department of Justice announced that electronic health records (EHR) vendor eClinicalWorks (ECW), along with certain individual officers and employees, have agreed to pay a total of $155 million to settle a lawsuit under the False Claims Act (FCA). In its Complaint-in- Intervention, the government alleged ECW falsified compliance with certification requirements for EHR under the Meaningful Use program. The programming shortcuts ECW allegedly took in developing its software, along with inadequate post-market support and patches, could expose providers to increased risk of errors and jeopardize patient care. If you or your practice uses the eClinicalWorks software, you should be aware of ECW’s obligations and your rights under the Corporate Integrity Agreement (CIA).
In the latest article in Diagnostic Imaging, NLG Partner Rebecca E. Gwilt offers advice on how medical practices can manage vendor relations. Read the full article here: http://www.diagnosticimaging.com/partnerships/how-be-efficient-vendor-relations
Health IT vendors are under incredible pressure to represent to customers that their hardware and software solutions are impervious to cyber threats. Pick any major trade show and the first line you'll hear from exhibitors is that their solution is HIPAA-compatible, and, even more misleading, HIPAA-compliant. It's important that vendors understand overstating security protocols and capabilities can have major legal and financial implications.