In February of this year, the Securities Exchange Commission issued its updated Statement and Guidance on Public Company Cybersecurity Disclosures. In April, the SEC issued an Order that, among other things, levied a $35 million fine against Yahoo! Inc. for failing to properly report a 2014 data breach. These actions support the view that the SEC is consciously committing attention and resources to cybersecurity issues affecting public companies ...
Regulation (EU) 2018/302 of February 28, 2018, on addressing geo-blocking and other forms of discrimination based on customers' nationality, place of residence or place of establishment within the internal market (the "Regulation") came into force, December 3, 2018. The Regulation seeks to increase access for customers in the EU and EEA to goods and services by preventing unjustified geo-discrimination due to the customer's nationality, place of residence or establishment ...
The deadline for meeting the previously issued nursing home compliance mandate is approaching. The Centers for Medicare & Medicaid Services (CMS) issued the mandate in 2016 and gave facilities three years to become compliant. On November 28, 2019, skilled nursing facilities (SNF) and nursing homes will be required to adopt and implement a compliance program as a condition for participation in Medicare and Medicaid ...
Since the GDPR has been in force, almost every company has, among other things, dealt with issues of the permissibility of direct marketing and other marketing activities under data protection law. At their data protection conference on Nov. 07-08, 2018, the German data protection supervisory authorities issued a new "orientation guide" on this topic (as of November 2018) ...
The large number of vague terms as well as provisions requiring interpretation in the GDPR create significant application issues for companies. However, it becomes even more of a challenge if companies not established in the EU want to review whether the GDPR is applicable to them. Generally speaking, the European legislator set themselves the goal of creating the most extensive territorial scope of the GDPR possible ...
In a letter to state Medicaid directors on Nov.13, 2018, the Secretary of the U.S. Department of Health and Human Services, Alexander Azar, announced a new demonstration opportunity that will allow states to provide improved care for adults with a serious mental illness (SMI) and children with serious emotional disturbance (SED) ...
On Nov. 19, 2018, the Bureau of Industry and Security (BIS) of the U.S. Department of Commerce issued an Advance Notice of Proposed Rulemaking[1] requesting public comment on criteria for identifying emerging technologies essential to U.S. national security that would be subject to increased export controls ...
Obviously, they are all natural disasters that climate scientists believe will increase in severity and intensity in the coming years. And they are all events that nursing homes and assisted living facilities (and all Medicare/Medicaid certified health care providers) are legally required to prepare for in order to protect their residents and patients. More pointedly, though, they are all events which the U.S ...
On November 15, 2018, the Food and Drug Administration (FDA) published a Proposed Rule, which, if finalized, will allow an institutional review board (IRB) to waive or alter certain informed consent requirements if a clinical trial poses minimal risk to human subjects and includes appropriate safeguards to protect the rights, safety, and welfare of those human subjects ...
When auditing annual financial statements, auditors are required to draw attention to risks that potentially threaten the company. Such risks can result for example from failure to implement the EU General Data Protection Regulation (GDPR) that has been in force since May 25, 2018. Given the substantial fines envisaged in the GDPR, these risks can result in high provisions, in the worst case in refusal on the part of the auditor to issue an unqualified audit opinion ...
In the last quarter of 2018, the Office of the Inspector General (OIG) announced that ImmediaDent of Indiana, LLC (ImmediaDent), which operates nine dental care practices, and Samson Dental Partners, LLC (SDP), which provides administrative support to Immediadent, have agreed to pay the United States and the state of Indiana $5.1 million to resolve allegations that they improperly billed Indiana’s Medicaid program ...
Recently, the Ohio Department of Medicaid (ODM) proposed the adoption of Ohio Administrative Code 5160-1-32.1 (the Proposed Rule), which provides two standard authorization forms for the use and disclosure of protected health information (PHI). The standard forms are designed to comply with both the HIPAA privacy rule (45 C.F.R. § 164.508) and 45 C.F.R. Part 2, which covers certain substance abuse treatment information ...
The value of the car is no longer merely associated with the car body, its engine or other material parts. Substantial value is found in the knowledge that controls the car – knowledge that does not only steer the car, but which may form the basis for maintenance and repairs planning, computing insurance premiums or indicating who is liable in the case of damage ...
Today the Health Resources and Services Administration (HRSA) issued a notice of proposed rulemaking (NPRM) that will end HRSA’s delays in implementing a January 5, 2017 final rule concerning 340B drug price calculations and civil monetary penalties (CMPs) against manufacturers who knowingly and intentionally overcharge 340B covered entities for 340B drugs (the Final Rule) ...
Earlier this week, the UK Cryptoassets Taskforce published its Final Report on cryptoassets and distributed ledger technology (DLT). The Taskforce – which includes representatives from HM Treasury, the UK Financial Conduct Authority (FCA) and the Bank of England – was established in March 2018 to analyse and assess the risks and potential benefits of cryptoassets and DLT and “set out the path forward with respect to regulation [of these areas] in the UK” ...
In a rare bipartisan and bicameral compromise, Congress has passed the “Substance Use–Disorder Prevention that Promotes Opioid Recovery and Treatment for Patients and Communities Act,” shortened to the “SUPPORT Act.” The bill was signed by President Trump on October 24, 2018 ...
Information is critical to the conduct of health and medical research. Much of the time the information relates to individuals. Higher education institutions regularly collect, use, disclose and hold information, including health information, for research purposes ...
Blockchain is a distributed ledger of data entries. The entries are processed and managed by a series of different computers, or ‘nodes’, which can be running on different servers. Every computer connected to the system keeps a copy of this ledger, meaning that different parties can view and manage the same information in real time. It also makes it exceptionally safe and secure. The energy sector has been relatively slow to adopt blockchain technology ...
The role of the Millennial lawyers and the recent incorporation of Artificial Intelligence (“AI”) in law firms are current trending topics. As a 27-year old associate of a law firm based in Guatemala City, every time I read about AI and that global law firms are incorporating AI to their practice, I ask myself, will I be replaced by it (or IT) ...
The Abu Dhabi Global Market (the ADGM) recently announced the launch of a commercial license specifically catered towards tech start-ups that allows entrepreneurs to obtain an operational license in the ADGM and access to a Professional Services Support Program aimed at allowing entrepreneurs entry to a community of businesses, financial services and professional advisors ...
Brick and mortar retailers are rapidly diversifying checkout and payment methods to combat the erosion of sales to online channels and provide an improved shopping experience for consumers. From self-checkout kiosks, to store-specific mobile applications for payment, scan-as-you-go devices, and even ‘just walk out’ models, retailers are reinventing consumer’s notions of the traditional checkout line by going cashierless ...
At the beginning of September, the Israeli Innovation Authority, a division of the Israeli Ministry of Economy and Industry and the successor to the Office of Chief Scientist “IIA”, issued new rules “New Rules”. The “New Rules” regarded the licensing of know-how developed and obtained by Israeli companies that received grants from the IIA “Funded Companies”, to multinational corporations ...
It is now more than four months since the EU General Data Protection Regulation (GDPR) became law in all member states of the European Union. Time for an initial and brief interim assessment, and to outline the data protection challenges currently facing companies. Feared spamigation has not materialized To date, the widely feared mass sending of cease-and-desist letters (spamigation) has largely failed to materialize ...
Following a short period of public consultation, the Telecommunications and Other Amendments (Assistance and Access) Bill 2018 (Cth) (Bill) has been introduced into Parliament. Despite the extensive public concerns raised with the Exposure Draft version, only a small number of amendments have been made to the Bill. Following extensive submissions and much debate, the 'decryption Bill' has now been introduced into Parliament ...
Many companies are currently facing challenges in relation to the GDPR compliance of their video surveillance. Main issues in this respect are questions related to transparency requirements and information notices, the need for a data protection impact assessment as well as questions concerning retention requirements and retention periods. The German Federal Labor Court (BAG) has recently commented on the admissible storage duration of lawful video recordings ...
