The Prinz Law Office

The Department of Health and Human Services (“HHS”), the Office of the National Coordinator for Health Information Technology (“ONC”) and the Centers for Medicare & Medicaid Services (“CMS”) have just published a proposed rule defining the consequences for medical providers who fail to comply with the new information blocking regulations.

HHS previously established information blocking penalties for IT providers, health information exchanges, and networks  of up to $1 million per violation.  A full discussion of the previously proposed information blocking regulations was previously published on the Silicon Valley Digital Health Law Blog at this attached link

The newly announced proposal linked here will establish penalties in the form of financial disincentives for the medical providers who violate the information blocking regulations and are also Medicare-enrolled providers or suppliers.  (For the avoidance of doubt, the proposed rules do not apply to medical providers who fail to comply with the regulations but are not Medicare-enrolled providers or suppliers.)  The proposed financial disincentives are as follows:

• “Eligible Hospital(s)” or “critical access hospital(s)” would not be deemed to be a “meaningful electronic health record (“EHR”)” user, meaning that an “eligible hospital” would not be able to earn the three quarters of the annual market basket increase associated with qualifying as a meaningful EHR user and a “critical access hospital” would have its payment reduced to 100 percent of reasonable costs from the 101 percent of reasonable costs it might otherwise have earned in an applicable year.
• A health care provider that is an a “MIPS eligible clinician” would not be a “meaningful EHR user” in an applicable information blocking performance period and would also be required to report on the Promoting Interoperability performance category of MIP, as not earning a score.
• A health provider that is an accountable care organization (“ACO”), ACO participant, or ACO provider/ supplier will be barred from participating in the Shared Savings Program for at least a year.

What are the potential financial implications for these disincentives?

According to reporting by Healthcare IT News, the consequences to an “eligible hospital” deemed to be non-compliant “could result in a median disincentive amount of $394,353, ” whereas the consequences to a group of “MIPS eligible clinician(s)” deemed to be non-compliant could result in a loss ranging $1,372 to $165,326 for group sizes ranging from two to 241 clinicians.

HHS, ONC and CMS are currently seeking comments on the proposed rule.  Comments should be submitted on or before January 2, 2024 at 5 p.m. ET.  The submission instructions are published at this attached link.

The Drug Enforcement Administration (“DEA”), jointly with the Department of Health and Human Services (“HHS”), has announced that the current telemedicine regulations will continue in place through the end of December 31, 2024.  To view the full text of the announcement, please click here.  The full text of the extension is available here.

The decision comes after the DEA received more than 38,000 comments on its proposed telemedicine rules and held two days of public listening sessions related to those rules.

The DEA stated in the announcement that the final regulations should be available by the fall of 2024.

Governor Newsom has just signed SB 54, which will require venture capital firms in the state of California to annually report the diversity of founders they are backing.  According to Tech Crunch’s reporting, SB 54 will result in amendments to the Business and Professional Code and also will amend part of the Government Code pertaining to venture capital.

What is California SB 54?

SB 54 goes into effect as of March 1, 2025, and requires the following aggregated information to be reported on all VC investments:

• The gender identity of each member of the founding team, including nonbinary and gender-fluid identities.
• The race of each member of the founding team.
• The ethnicity of each member of the founding team.
• The disability status of each member of the founding team.
• Whether any member of the founding team identifies as LGBTQ+.
• Whether any member of the founding team is a veteran or a disabled veteran.
• Whether any member of the founding team is a resident of California.
• Whether any member of the founding team declined to provide any of the information described above.

Failure to timely comply with the reporting requirement may result in the assessment of a penalty of One Hundred Thousand Dollars ($100,000.00) to be assessed against a “covered person.”  SB 54 defines “covered person” as any person who does both of the following:

• Acts as an investment adviser to a venture capital company.
• Meets any of the following criteria: (i)  Has a certificate from the Commissioner of Financial Protection and Innovation pursuant to Section 25231 of the Corporations Code.  (ii) Has filed an annual notice with the Commissioner of Financial Protection and Innovation pursuant to subdivision (b) of Section 25230.1 of the Corporations Code. (iii) Is exempt from registration under the Investment Advisers Act of 1940 pursuant to subsection (l) of Section 80b-3 of Title 15 of the United States Code and has filed a report with the Commissioner of Financial Protection and Innovation pursuant to paragraph (2) of subdivision (b) of Section 260.204.9 of Title 10 of the California Code of Regulations.

SB 54 provides that reports will be due by March 1st of each year.

What is the Argument in Favor of SB 54?

Tech Crunch reports that supporters of SB 54 have argued that this law will make venture capital more “transparent.”  According to Tech Crunch, less than 3 % of all venture capital investments go to women or black founders.

Tech Crunch reported that SB 54 was opposed by the National Venture Capital Association and TechNet, though both organizations professed to support generally the concept of diversity in venture capital.

What is the Anticipated Impact of SB54?

Although the impact of SB 54 will go beyond just the software industry, this new law is likely to have a significant impact on software and SaaS companies, particularly those having diverse founders, as mandated reporting will likely incentivize venture capital firms to further focus on considering diversity in investment.  If your software company has diverse founders, you will definitely want to keep this law on your radar screen going forward.

The Food and Drug Administration (“FDA”) has issued final guidance to advice developers on their compliance obligations for premarket submissions.  To view the FDA’s finalized document, please click here: Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions (fda.gov).   The guidance issued by the FDA supersedes the earlier draft guidance issued on April 8, 2022 as well as the “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices” issued October 2, 2014.

The guidance describes recommendations regarding the cybersecurity information to be submitted for the following:

• Premarket notification (510(k)) submissions;
• De Novo requests;
• Premarket Approval Applications  (PMAs) and PMA supplements;
• Product Development Protocols (PDPs)
• Investigational Device Exemption (IDE) submissions;
• Humanitarian Device Exemption (HDE) submissions;
• Biologics License Application (BLA) submissions; and
• Investigational New Drug (IND) submissions.

The FDA states in its release that “this guidance applies to all type of devices within the meaning of section 201(h) of the Federal Food, Drug, and Cosmetic Act (“FD&C Act”), including devices that meet the definition of a biological product under section 351 of the Public Health Services Act, whether or not they require a premarket submission.”  In addition, the FDA says that the guidance applies “to devices for which a premarket submission is not required (e.g. for 510(k) exempt devices)” as well as “cyber devices as defined in section 524B of the FD & C Act.”  Finally, the FDA states that the guidance applies to the device portion of a combination product “when the device constituent part presents cybersecurity considerations, including but not limited to devices that have a device software function or that contain software (including firmware) or programmable logic.”  Although the FDA indicates in the release that the guidance should not be construed as “legally enforceable responsibilities,” the FDA advises that the guidance represents its “recommendations” on the topic of cybersecurity.

What exactly recommendations exactly does the FDA make in this guidance?

First of all, the FDA recommends that device manufacturers follow the quality system requirements found in the QS regulation in 21 CFR Part 820, which may include establishing cybersecurity risk management and validation processes where appropriate in accordance with FDA’s guidance “Content of Premarket Submissions for Device Software Functions.”  The FDA says that healthcare facilities may manage devices within their own frameworks such as the National Institute of Standards Technology (“NIST”) cybersecurity framework.   The FDA also points to the following frameworks to consider: the Medical Device and Health IT Joint Security Plan, which is available at https://healthsectorcouncil.org/the joint-security plan;  IEC 81001-5-1; and ANSI, ISA 62442-4-1.

Second of all, the FDA recommends that device manufacturers implement security controls, which include authentication; authorization, cryptography, code, data and execution integrity; confidentiality; event detection and logging; resilience and recovery, updatability and finally, patchability.

Third, the FDA recommends that the manufacturers must establish and maintain procedures for verifying the device design, which verification must confirm that the design output meets the design input requirements.  The FDA again points to 21 CFR  820.30 for guidance on the procedures for verification.

Fourth, the FDA recommends transparency in advising users of relevant security risks through labeling, and provides specific examples of information to include in labeling.  The FDA points to IEC TR 80001-2-2 and IEC TR 80001-2-9 for further guidance on labeling to comply with the standards.

Fifth, the FDA recommends that manufacturers establish a plan for how to identify and communicate to users vulnerabilities identified after releasing the device in accordance with 21 CFR 820.100, which plan can also support security risk management processes described in the QS regulation.  The FDA states that these plans should include the following elements:

• Personnel responsible;
• Sources, methods, and frequency for monitoring and identifying vulnerabilities (e.g. researchers, NIST vulnerability database (NIST NVD), third party manufacturers;
• Identify and address vulnerabilities identified in “CISA’s  Known Exploited Vulnerabilities Catalog” available at https://www.cisa.gov/known-exploited-vulnerabilities-catalog;
• Periodic security testing;
• Timeline to develop and release patches;
• Update processes;
• Patching capability (i.e. rate at which update can be delivered to devices);
• Description of their coordinated vulnerability disclosure process; and
• Description of how the manufacturer intends to communicate forthcoming remediations, patches, and updates to customers.

The FDA points to its “Postmarket Cybersecurity Guidance” for additional recommendations on plans.

Digital health companies should definitely take the time to review and familiarize themselves with the new guidance, as it is likely that health care customers will be expecting compliance with this new guidance going forward, regardless of whether or not digital health companies’ products are actually subject to FDA regulation.  Even though this guidance constitutes merely a recommendation to those digital health companies which are subject to FDA regulation, it provides specific minimum recommendations that health care customers will likely expect their providers to be compliant with going forward.

The final update to the HIPAA Privacy Rule on reproductive health is anticipated to be issued soon by the Department of Health and Human Services (“HHS”).

HHS issued a Notice of Proposed Rulemaking on April 17, 2023 to solicit comments on its proposal to modify the Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”) under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information Technology for Economic and Clinical Health Act of 2009 (“HITECH Act”).  The comment period on the proposed update closed as of June 16, 2023.

If adopted, the proposed update would modify existing standards permitting uses and disclosures of protected health information (“PHI”) by prohibiting uses and disclosures of PHI about reproductive health care for criminal, civil, or administrative investigations or proceedings against individuals, covered entities or their business associates or other persons for seeking, obtaining, providing, or facilitating reproductive health care that is lawful under the circumstances in which it is provided.

The update was originally prompted by an executive order from President Biden directing HHS to take actions to strengthen the protections under HIPAA for reproductive health information following the Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization.  Attached is a link to the Court’s decision: https://www.supremecourt.gov/opinions/21pdf/19-1392_6j37.pdf.  A copy of President’ Bidens’s executive order may be viewed here: https://www.govinfo.gov/content/pkg/FR-2022-07-13/pdf/2022-15138.pdf.

According to the HHS Notice, the proposed Privacy Rule will “strengthen privacy protections for individual’s PHI related to reproductive health care” in order to “avoid the circumstance where an existing provision of the Privacy Rule is used to request the use or disclosure of any individual’s PHI as a pretext for obtaining PHI related to reproductive health care for a non-health care purpose where such use or disclosure would be detrimental to any person. ”

To view the full HHS notice on the anticipated HIPAA Privacy Rule update, please click here: https://www.federalregister.gov/documents/2023/04/17/2023-07517/hipaa-privacy-rule-to-support-reproductive-health-care-privacy.   For additional HHS commentary on the proposed Privacy Rule updates, please click here: https://www.hhs.gov/hipaa/for-professionals/regulatory-initiatives/hipaa-reproductive-health-fact-sheet/index.html.

The American Telemedicine Association has just released a new toolkit intended to help with assessing the impact of telehealth on addressing disparities in healthcare among communities.  Please click here to view the ATA Press Release, which announces the release and explains the significance.

The toolkit, which was developed by an ATA advisory group, provides functionality to review digital infrastructure by zip code and county, and a tool to scope the cost of telehealth-based improvements, as well as a collection of other resources the ATA has released to date.

According to the ATA Press Release, ATA developed the tool for the purpose of empowering healthcare industry members to address gaps in care that can be mitigated using virtual care.  In other words, the tool is intended to further one of the key aspirational goals of digital health, which is to improve access to healthcare for underserved populations.

To access the toolkit, please click here.

The DEA conducted a two day listening session last week to receive practitioner comments on  regulations relating to the prescribing of controlled substances via telemedicine.   Transcripts of the public comments are available for viewing at this link:  https://www.deadiversion.usdoj.gov/Telemedicine_listening_session.html.

According to reporting by Fierce HealthCare, the listening sessions were held in response to a backlash from doctors and telehealth groups after the DEA released proposed rules in February, 2023 that would have reinstated the restrictions that existed before the COVID era on the prescribing of controlled substances via telehealth.  In particular, the proposed rule would mandate that Schedule 2 medications or narcotics be prescribed in-person and Schedule 3 medications or higher could be prescribed for 30 days via telehealth but would require an in-person visit prior to refill.  Fierce HealthCare reported that the DEA received a record 38,000 comments on its proposed telemedicine rules, which were among the highest ever received in DEA history.

The American Telemedicine Association (“ATA”) has opposed the DEA’s February, 2023 position, asserting that the DEA’s plans will “simply limit. . . . access to legitimate health care”.  See ATA’s March 28, 2023 letters to the DEA at this link, in which the ATA submitted comprehensive recommendations regarding the proposed rules: https://www.americantelemed.org/press-releases/ata-action-submits-comprehensive-recommendations-to-dea-on-proposed-rules-regarding-remote-prescribing-of-controlled-substances/.

The ATA has advocated for a special registration process for telemedicine prescribing of controlled substances without a prior in-person visit based on seven key tenets, stated in its press release attached here:

1. The Special Registration process should work in conjunction with the existing registration process.
2. Telemedicine providers should not be required to maintain local addresses in every state where they practice.
3. Special Registration should include the elements DEA needs to monitor for illegitimate practitioners and illegal prescribing practices.
4. Special Registration should not be limited to any specific specialty or treatment condition. Schedule II prescribing could involve additional oversight but should not have additional restrictions.
5. Dispensers (pharmacies and pharmacists) should be able to identify legitimate prescribers who have a current Special Registration.
6. The location of the patient should not require any registration unless otherwise required because controlled substances are dispensed or administered at that site.
7. The Special Registration process should not place any arbitrary limits on a clinician’s ability to practice within the scope of their authority.

According to Fierce HealthCare the DEA was originally mandated fifteen years ago within the Ryan Haight Act to develop a special registration process for remote prescribing, which was mandated again by Congress in 2018, but the DEA failed to act on both occasions.  The ATA and other advocates are pushing the DEA to follow through on the prior mandates to keep COVID-era telemedicine flexibilities in place.

The Silicon Valley Digital Health Blog will continue to follow this issue as it develops.  Clearly, the DEA’s next steps will have a tremendous impact on patient access to telemedicine going forward.

If your company is currently subject to, or alternatively, may be subject in the future to HIPAA security requirements, you may be interested to know that the Office for Civil Rights (“OCR”) and the Office of the National Coordinator for Health Information Technology (“ONC”) have just released an updated version of their security assessment tool, which is intended to help with the identification and assessment of risks and vulnerabilities to electronic protected health information (“ePHI”), as well as with remediation and compliance planning.

Version 3.4 of the updated tool is available for download at the following link:  https://www.healthit.gov/topic/privacy-security-and-hipaa/security-risk-assessment-tool.

The newly released version of the tool contains updates such as a remediation report, a glossary and tool tips section, bug fixes, usability improvements, and references to the 2023 edition of the Health Industry Cybersecurity Practices (HICP) publication.

The security assessment tool is currently made available in Windows and Excel Workbook format and also comes with a convenient user guide.

The California legislature is currently considering a controversial new telehealth bill that would dramatically expand the access to veterinary care for animal patients located in California.  AB 1399 would change California’s existing law to permit a veterinarian-client-patient-relationship to be established solely via telemedicine.   Existing California law limits the practice of veterinary telemedicine to existing veterinarian-client-patient-relationships only, where the animal has previously been examined by the veterinarian, except in cases where the advice is given in an emergency.  See the attached link to view the bill in its entirety: Bill Text – AB-1399 Veterinary medicine: veterinarian-client-patient relationship: telehealth. (ca.gov)

Proponents of AB 1399 argue that passage of this bill is necessary to make permanent the COVID-era relaxation of California’s existing regulations, which permitted care virtually when local veterinary practices were inundated with new patients and human caretakers were dealing with challenging personal circumstances.  They argue that California continues to deal with a shortage of veterinarians and telemedicine improves access to care for California animals, many of whom would not otherwise receive care at all.  Attached are links to arguments and statements in support of the bill by Dr. Christie Long and the SFSPCA.

However, critics of AB 1399 warn of the unintended consequences of relaxing the existing regulations to California animals.  In particular, the American Veterinary Medical Association has opposed the bill on this ground (see the attached link).  While the California Veterinary Medical Association had also opposed AB 1399 (see the attached link), it just recently amended its position after several new amendments were made to the bill.  Attached is a copy of the letter published by the CVMA explaining the change of position:  AB-1399-Friedman-NEUTRAL-position.pdf (cvma.net).

For the digital health community, the adoption of AB 1399 and permanent relaxation of existing veterinary care restrictions in California would be a clear win for digital health providers seeking to expand access to veterinary care to more of the state’s animal residents.  The adoption of AB 1399 in this state could also have the effect of influencing other states with similar restrictions in place to also consider relaxing their regulations.

The Veterinary Virtual Care Association, a global nonprofit association dedicated to developing standards for veterinary virtual care, is actively tracking the current status of veterinary telehealth laws around the country at the following website:  The VVCA Telemedicine Regulatory Map – Veterinary Virtual Care Association.  According to the VVCA’s regulatory reporting map,  Michigan, Connecticut and the District of Columbia are currently the only states not requiring that telemedicine be tied to a veterinarian-client-patient-relationship.  If accurate, this means that California’s adoption of AB 1399 would set an important national precedent for veterinary telemedicine law.

The Silicon Valley Arbitration and Mediation Center has published for public comment a first draft of “Guidelines on the Use of Artificial Intelligence in Arbitration.”  The proposed guidelines were drafted by the Center’s AI Task Force Guidelines Drafting Subcommittee and are intended to provide a framework for how to use artificial intelligence in domestic and international arbitrations.

The guidelines contain three key chapters: a chapter that applies to all participants in international arbitrations, a chapter that applies to parties and party representatives, and a chapter that applies to arbitrators.   The topics addressed by the guidelines include safeguarding confidentiality, duty of competence or diligence in the use of AI, and non-delegation of decision-making responsibilities.

To view and comment on the guidelines, check out the following link: SVAMC AI GUIDELINES PORTAL (typeform.com)  The deadline for submitting comments is September 30, 2023.

Introduction: The Future of Work is Remote

Remote work is no longer a temporary solution; it’s becoming the standard way of working across industries. As we move deeper into 2025, understanding the latest remote work trends is crucial for both employees and employers to stay productive and engaged.

This article explores the most important remote work trends shaping the future and offers actionable tips to help you thrive in a flexible work environment.

Trend 1: Hybrid Work Models Dominate

Many companies have adopted hybrid models, combining remote and in-office work to maximize flexibility. This approach helps balance collaboration and personal focus time.

Benefits of Hybrid Work

• Improved work-life balance
• Reduced commute stress
• Enhanced employee satisfaction and retention

Trend 2: Focus on Mental Health and Well-being

Remote work has highlighted the importance of mental health. Organizations are investing in wellness programs, virtual team-building, and flexible schedules to support employee well-being.

How to Prioritize Your Mental Health

• Set clear work boundaries
• Take regular breaks and practice mindfulness
• Seek social connection through virtual meetups

Trend 3: Leveraging Technology for Seamless Collaboration

Advancements in technology continue to drive remote work success. Tools like AI-driven project management software, VR meeting rooms, and instant messaging apps are changing the game.

Top Tools for Remote Teams

• Slack or Microsoft Teams for communication
• Trello and Asana for task management
• Zoom and Google Meet for video conferencing

Trend 4: Skills for the Remote Worker of 2025

Remote work demands unique skills beyond traditional office jobs. Adaptability, self-discipline, and digital literacy are key to success.

Essential Remote Work Skills

• Time management and self-motivation
• Effective written and verbal communication
• Technical proficiency with remote work tools

Conclusion: Embrace the Remote Revolution

The remote work landscape will continue to evolve, but those who embrace flexibility, prioritize well-being, and leverage technology will thrive. Whether you’re an employee or employer, staying informed about these trends can help you succeed in 2025 and beyond.

Start adapting today and enjoy the benefits of a flexible, balanced, and productive remote work lifestyle.

casino siteleri
bahis siteleri
marsbahis giris
stake giris
1xbet giris
grandpashabet giris
casibom giris
deneme bonusu
deneme bonusu veren siteler
guvenilir bahis siteleri
guvenilir slot siteleri
casino siteleri
bahis siteleri
marsbahis giris
stake giris
1xbet giris
grandpashabet giris
casibom giris
deneme bonusu
deneme bonusu veren siteler
guvenilir bahis siteleri
guvenilir slot siteleri
casino siteleri
bahis siteleri
marsbahis giris
stake giris
1xbet giris
grandpashabet giris
casibom giris
deneme bonusu
deneme bonusu veren siteler
guvenilir bahis siteleri
guvenilir slot siteleri
canli casino
Deneme Bonusu
Slot Siteleri