Thursday, September 26, 2013

FDA Regulating Smartphone Apps

According to the Pew Research Center, more than half of all Americans own a smartphone and along with smartphones come thousands of different apps.  Typically, people use their apps to listen to music, read the news or get directions to their destination.  However, the Food and Drug Administration (FDA) got involved once individuals started developing health and wellness apps.  For example, there are apps that measure the electrical activity of the brain, that take an individual’s blood pressure and that store and transfer patient medical records.   In June of 2012, Congress passed a bill allowing the FDA to regulate medical apps on smartphones because the apps could pose a risk to a user's safety if they were to not function as intended. 

On September 23, 2013 the FDA issued guidance on its regulatory strategy for health and wellness apps for smartphones and other wireless devices. Senior Policy Advisor at the FDA, Bakul Patel, said it was important for the FDA to weigh the benefits of the innovation the apps bring to the industry and balance it against patient safety risk. 

There are three categories of apps that the FDA is regulating, which include, those that  connect to and control another regulated device, those that display, transfer, store, or convert patient-specific medical device data from a connected device and those that transform a mobile platform into a regulated medical device.  The FDA has currently cleared around 100 mobile medical applications and the review process has taken 67 days on average to complete.  The FDA does not intend to regulate apps that pose minimal risk to patients and consumer, such as those that help smartphone users organize and track their health information or count calories.

If we allow our smartphones to manage every other aspect of our lives, is the next logical step to have smartphones help improve health and healthcare delivery?  It is the clear direction the healthcare industry seems to be taking with there already being around 200 mobile health apps which have been co-branded with healthcare organizations. 

Thursday, September 19, 2013

Are Your Employee’s Astroturfing For You?

Yelp Inc. is suing a boutique bankruptcy law firm, McMillan Law Group, for allegedly “astroturfing.” Astroturfing is when statements are given on the internet, which appear to be from an independent, credible source but only because the source’s financial connection is withheld.   The term is derived from the synthetic carpeting that is designed to look like natural grass, AstroTurf. 

According to the Yelp, Inc. v. McMillan Law Group Inc. complaint, a number of employees from the law firm were using their personal accounts to give the firm five out of five stars and making statements, such as, “Exceeded expectations”   and “would recommend for a quick, efficient and pain-free bankruptcy experience.”  The complaint further alleges that the law firm created Yelp profiles for the purpose of leaving glowing reviews.

The McMillan Law Group contends that Yelp’s lawsuit against them is simply retaliation for the law firm’s small claims filing on February 13, 2013 against Yelp. The McMillan Law Group asserted that its contract with Yelp was void due to fraud in inducement to advertise and duress, and it further alleged that the website failed to provide promised services.  A court commissioner awarded McMillan Law Group $2,700 plus $95 in cost, as a refund for advertising.
Only time will tell if there is any truth to the allegations against McMillan Law Group for unfair business practices, but it serves as a warning to all businesses.  Do not have employees post fake reviews for your business as you may find yourself defending a lawsuit for astroturfing!

Friday, September 6, 2013

Be Ready for the September 23 HIPAA Deadline

On March 26, 2013 the final rules that implement the Health and Information Technology for Economic and Clinical Health (HITECH) Act went into effect. These rules directed that all providers and groups must be in compliance by September 23, 2013. That date is right around the corner and it is imperative to use these last few weeks to make the proper preparations to paper work and policies. Failure to do so can result in increased fines.

The following are key aspects of the law that providers must be aware of:

Business Associate Agreements
Image courtesy of digitalart
A business associate (BA) is any company that handles PHI, such as vendors and contractors. If no BA agreement exists, then one must be in place by September 23. Any already existing BA agreements that were previously considered HIPAA compliant have a 1 year extension on revisions, as long as no renewals are done between March 26 and September 23. Any BA agreement that is renewed after September 23 must follow the new laws. BAs are now considered responsible for their subcontractors and must have BA agreements with them.

Patient Rights
The ruling allows for patients to have expanded rights when it comes to the privacy and security of their PHI. After September 23, they will be able to request their records in electronic form. They can also request that a provider not disclose any treatments to the health insurance carriers when the patient has paid in full. There are also much stricter rules in place for the use of PHI for marketing and fundraising purposes. The law prohibits selling a patient’s PHI without their consent. September 23 is the deadline for adding and/or revising your practice’s Notice of Privacy Practices (NPP) to reflect these changes. The new changes will also implement the Genetic Information Nondiscrimination Act (GINA) of 2008, which ensures that patient’s genetic health information cannot be used by health insurance carriers for underwriting purposes.

It is vital for every practice to do the following updates before the September 23 deadline:
-Notice of Privacy Practices form
-Business Associate Agreements
-Authorization forms
-staff training
-HIPAA privacy policies
-HIPAA security policies
-Agreements between BAs and Subcontractors

Contact our office if you have any questions concerning your practice and the September 23 HIPAA deadline. We are available to aid in all forms of practice preparation and compliance to avoid the new higher fines of up to $1.5 million per violation that comes with deadline.
Related Posts Plugin for WordPress, Blogger...