The ePrivacy Regulation was actually supposed to enter into force on May 25, 2018 jointly with the EU General Data Protection Regulation. Now it is expected to go into effect in 2019 at the earliest. It has new provisions in store, particularly for online marketing. The ePrivacy Regulation is intended to replace the current European ePrivacy Directive (2002/58/EC) and the Cookie Directive (2009/136/EC) ...
In two decisions on Friday, the Federal Circuit clarified the law of obviousness-type double patenting (ODP) and provided certainty to biopharma patent owners. In Novartis AG v. Ezra Ventures LLC, the court held that ODP does not invalidate an otherwise valid patent term extension (PTE) granted under 35 U.S.C. § 156 (extending the term of a pharmaceutical patent to compensate for regulatory delays). And in Novartis Pharmaceuticals Corp. v. Breckenridge Pharmaceutical Inc ...
Several years ago the U.S. Centers for Medicare and Medicaid Services (CMS) required skilled nursing facilities (SNFs) to report nurse staffing levels using the SNF’s payroll records, in an effort to obtain more accurate information about actual daily nurse presence in SNFs. CMS has collected this Payroll Based Journal (PBJ) information for a few quarters now ...
On December 7, 2018, the Food and Drug Administration (FDA) released a Proposed Rule that clarifies procedures and criteria for the de novo medical device clearance pathway. In a statement accompanying the Proposed Rule, FDA Commissioner Scott Gottlieb stated FDA believes the Proposed Rule will help facilitate classification of innovative low- to moderate-risk novel medical devices by providing more structure, clarity, and transparency to the de novo pathway ...
On December 11, 2018, Pennsylvania Auditor General Eugene A. Depasquale released a long-awaited report discussing the role of pharmacy benefit managers (PBMs) in Pennsylvania’s health care system ...
I. Introduction According to a Bitkom study from September 2018, German industry has incurred a total loss of 43 billion euros as a result of cyberattacks over the past two years. Seven out of ten industrial companies have been victims of such attacks during this period. At EU level, there has recently been a growing discussion on how to face this mounting danger ...
As an eventful 2018 comes to a close, we look ahead to 2019 and our “Top 10 List” of key issues U.S. financial institutions, non-banks providing financial services, and financial technology (fintech) entities should plan for and watch throughout the upcoming year. The first five items on the list are discussed below, and the remainder of our list will follow shortly in another post ...
Institutional Shareholder Services, Inc. (“ISS”) and Glass, Lewis & Co. (“Glass Lewis”) recently released their 2019 proxy voting policy updates. ISS and Glass Lewis are two of the leading proxy advisory services worldwide, and each evaluates and updates their proxy voting policies annually. The key ISS and Glass Lewis updates for the 2019 proxy season are summarized below. ISS ISS published its 2019 Proxy Voting Guidelines Updates on November 19, 2018 ...
Over the last several years, the emphasis on privacy and data protection has grown significantly. With the amount of data collected by companies and technology skyrocketing, the need to protect personal information has been at the forefront of states’ legislative agendas. While all 50 states now have breach notification statutes, states are now taking a closer look at issues such as tracking online behavior and the use of biometric data ...
Medicare and Medicaid certified nursing homes are frequently required to pay fines (called “civil money penalties” or “CMPs”) to the U.S. Centers for Medicare and Medicaid Services (“CMS”) when government surveyors find them out of compliance with the Requirements for Participation for Long-Term Care Facilities. It is not uncommon for CMS to assess CMPs in the hundreds of thousands of dollars ...
Executives and in-house counsel should be aware that traveling with sensitive data can lead to its seizure—with potentially severe consequences worldwide. Recently, Parliament in the United Kingdom seized from a traveling executive a USB drive containing data that had been produced in a United States lawsuit between Six4Three, a software company, and Facebook. Put simply, that data was in the wrong place at the wrong time ...
Under the Affordable Care Act (“ACA”), large employers (generally those with 50 or more full-time employees or full-time equivalents) must report annually to the IRS information about the health coverage offered to their full-time employees during the prior year using IRS Form 1095-C. The IRS uses the forms to assess whether an employer "shared responsibility" penalty applies. Employers also must provide copies of the forms to their full-time employees ...
Increased federal oversight may be on the horizon for skilled nursing facility involuntary transfers and discharges. The Office of Inspector General (OIG) included in its 2019 Work Plan reviewing SNFs’ involuntary transfers and discharges, focusing on reviewing whether State agencies have effectively investigated and enforced proper transfer and discharge procedures ...
In February of this year, the Securities Exchange Commission issued its updated Statement and Guidance on Public Company Cybersecurity Disclosures. In April, the SEC issued an Order that, among other things, levied a $35 million fine against Yahoo! Inc. for failing to properly report a 2014 data breach. These actions support the view that the SEC is consciously committing attention and resources to cybersecurity issues affecting public companies ...
Regulation (EU) 2018/302 of February 28, 2018, on addressing geo-blocking and other forms of discrimination based on customers' nationality, place of residence or place of establishment within the internal market (the "Regulation") came into force, December 3, 2018. The Regulation seeks to increase access for customers in the EU and EEA to goods and services by preventing unjustified geo-discrimination due to the customer's nationality, place of residence or establishment ...
The deadline for meeting the previously issued nursing home compliance mandate is approaching. The Centers for Medicare & Medicaid Services (CMS) issued the mandate in 2016 and gave facilities three years to become compliant. On November 28, 2019, skilled nursing facilities (SNF) and nursing homes will be required to adopt and implement a compliance program as a condition for participation in Medicare and Medicaid ...
Since the GDPR has been in force, almost every company has, among other things, dealt with issues of the permissibility of direct marketing and other marketing activities under data protection law. At their data protection conference on Nov. 07-08, 2018, the German data protection supervisory authorities issued a new "orientation guide" on this topic (as of November 2018) ...
The large number of vague terms as well as provisions requiring interpretation in the GDPR create significant application issues for companies. However, it becomes even more of a challenge if companies not established in the EU want to review whether the GDPR is applicable to them. Generally speaking, the European legislator set themselves the goal of creating the most extensive territorial scope of the GDPR possible ...
In a letter to state Medicaid directors on Nov.13, 2018, the Secretary of the U.S. Department of Health and Human Services, Alexander Azar, announced a new demonstration opportunity that will allow states to provide improved care for adults with a serious mental illness (SMI) and children with serious emotional disturbance (SED) ...
On Nov. 19, 2018, the Bureau of Industry and Security (BIS) of the U.S. Department of Commerce issued an Advance Notice of Proposed Rulemaking[1] requesting public comment on criteria for identifying emerging technologies essential to U.S. national security that would be subject to increased export controls ...
Obviously, they are all natural disasters that climate scientists believe will increase in severity and intensity in the coming years. And they are all events that nursing homes and assisted living facilities (and all Medicare/Medicaid certified health care providers) are legally required to prepare for in order to protect their residents and patients. More pointedly, though, they are all events which the U.S ...
On November 15, 2018, the Food and Drug Administration (FDA) published a Proposed Rule, which, if finalized, will allow an institutional review board (IRB) to waive or alter certain informed consent requirements if a clinical trial poses minimal risk to human subjects and includes appropriate safeguards to protect the rights, safety, and welfare of those human subjects ...
When auditing annual financial statements, auditors are required to draw attention to risks that potentially threaten the company. Such risks can result for example from failure to implement the EU General Data Protection Regulation (GDPR) that has been in force since May 25, 2018. Given the substantial fines envisaged in the GDPR, these risks can result in high provisions, in the worst case in refusal on the part of the auditor to issue an unqualified audit opinion ...
In the last quarter of 2018, the Office of the Inspector General (OIG) announced that ImmediaDent of Indiana, LLC (ImmediaDent), which operates nine dental care practices, and Samson Dental Partners, LLC (SDP), which provides administrative support to Immediadent, have agreed to pay the United States and the state of Indiana $5.1 million to resolve allegations that they improperly billed Indiana’s Medicaid program ...
Recently, the Ohio Department of Medicaid (ODM) proposed the adoption of Ohio Administrative Code 5160-1-32.1 (the Proposed Rule), which provides two standard authorization forms for the use and disclosure of protected health information (PHI). The standard forms are designed to comply with both the HIPAA privacy rule (45 C.F.R. § 164.508) and 45 C.F.R. Part 2, which covers certain substance abuse treatment information ...
