Dykema Gossett PLLC

Homeostasis: Health Care Law Blog

Posts by Kathrin E. Kudner


Photo of Homeostasis: Health Care Law Blog Kathrin E. Kudner
View Bio

Showing 8 posts by Kathrin E. Kudner.

DHHS Issues Terms and Conditions for Relief Funds

On March 27, 2020, Congress enacted the Coronavirus Aid, Relief, and Economic Security Act or “CARES Act” which includes $100 billion in relief funds for hospitals and other healthcare providers to be used to provide support for healthcare-related expenses or lost revenue attributable to COVID-19. Funding is also available to providers to assist uninsured individuals to obtain testing and treatment for COVID-19.  Read More ›

OCR Guidance During the COVID-19 Public Health Emergency


On March 17, 2020, OCR issued guidance indicating that it would exercise enforcement discretion and waive penalties for entities that provide services to individuals using “everyday communication technologies.”

On March 20, 2020, OCR provided additional more detailed guidance on telehealth services applicable to all health care providers  covered by HIPAA who provide telehealth services during the COVID -19 public health emergency. Read More ›

CARES: Implications for the Healthcare Industry

On March 25, the Senate passed the Coronavirus Aid, Relief, and Economic Security Act (“CARES”). The House is expected to vote on the legislation on March 27, 2020. The following is a summary of the significant provisions impacting the health care industry. Read More ›

Cybersecurity Attacks: The Importance of Compliance With the Standards

Recent ransomware attacks illustrate the importance of compliance with the HIPAA required and addressable security standards. In its December 2, 2019 Fall 2019 Cybersecurity Newsletter, the Office of Civil Rights (OCR) discussed ransomware attacks and ways to recognize, prevent, mitigate and recover from an attack. Read More ›

Office of Civil Rights Fines Dental Practice for Disclosure of PHI on YELP

The Office of Civil Rights of the Department of Health and Human Services (“OCR”) settled a HIPAA violation with a Texas-based dental practice based on the practice’s inappropriate disclosures of PHI on YELP. Read More ›

DHHS Issues Proposed Rule Amending 42 CFR Part 2

On August 22, 2019, the Substance Abuse and Mental Health Services Administration of the United States Department of Health and Human Services (“SAMHSA”) issued a proposed rule amending the Confidentiality of Substance Use Disorder Patient Records regulations set forth at 24 CFR Part 2. These regulations were initially implemented to provide heightened protection of patient records covering the treatment of substance use disorder (“SUD”) provided by certain federally funded programs (“Part 2 programs”). Read More ›

OIG Okays Complimentary Care to Patients in Recent Advisory Opinion

The OIG, in Advisory Opinion 19-03 issued on March 1, 2019, found it acceptable for a medical center to provide follow-up care in patients’ homes at no charge for individuals with congestive heart failure and chronic obstructive pulmonary disease who are considered to be at high risk of readmission to the medical center (the “Program”). Specifically, the OIG determined it would not impose sanctions based on the Program under the civil monetary penalty provision prohibiting inducements to beneficiaries. Read More ›

Getting Ready to Text Patient Information? Think Twice!

Text messaging is the new email and is common in health care. Providers are texting both patients and other providers about patient care. While texting offers benefits in terms of ease, quickness and flexibility, text messages that include protected health information (PHI) raise concerns about the privacy and security of the information. Is the texted information secure and HIPAA compliant?

Both OCR and CMS have raised concerns about texts with patient information. HIPAA permits transmission of PHI by electronic means provided that the transmission is secure. OCR has acknowledged the benefits of texting by health care organizations, but has identified concerns and has indicated that it intends to issue guidance on texting in the near future. In late 2017, CMS issued a memorandum to State Survey Directors providing that texting patient information among health care team members is permissible if conducted on a secure platform, but that texting of orders by health care providers is not permissible. Specifically, the CMS memorandum states that health care providers must use systems or platforms for texting that are “secure, encrypted, and minimize the risks to patient privacy and confidentiality” per HIPAA regulations and conditions of participation or conditions for coverage. Read More ›