Hot Topics in Health Care - May 2022

Articles / Publications

OCR Public Comment on Security Practices and Civil Monetary Penalties

The Office for Civil Rights (“OCR”) is seeking information from stakeholders on two aspects of the Health Information Technology for Economic and Clinical Health Act of 2009 (“HITECH”). First, OCR is seeking input on ways to support and encourage the implementation of appropriate security practices in light of the growing number of cyberattacks the health care industry is experiencing. This is relevant because OCR is permitted to consider the security measures in place when determining penalties for HIPAA violations. Second, OCR is seeking input on ways monies collected through OCR’s enforcement activities can be shared with those individuals who are harmed as a result of the underlying violation and how to make determinations regarding who is harmed and the methodologies for determining monetary distributions to such individuals. Comments may be submitted through June 6, 2022. Additional information is available here.

Source: United States Department of Health and Human Services

CMS Addresses Transparency of Medicare Advantage and Part D Plans

The Centers for Medicare & Medicaid Services (“CMS”) recently issued a final rule addressing the transparency of Medicare Advantage and Part D Plans. Among other things, the final rule (i) requires Part D Plans to pass along price concessions received from pharmacies to the enrollees, thereby reducing out-of-pocket expenses for prescription drugs; (ii) requires Medicare Advantage and Part D Plans to inform enrollees of free interpreter services; (iii) increases the authority of CMS to limit the ability of Medicare Advantage and Part D Plans to expand existing contracts or enter into new contracts if they are not performing satisfactorily; and (iv) requires the Plans to detect and prevent the use of misleading marketing efforts by third-parties. Additional information on the final rule is available here.

Source: Centers for Medicare and Medicaid Services

Alabama Board of Medical Examiners Addresses Telemedicine Requirements

Recently, Alabama Governor Ivey signed into law a statute providing for the regulation of telemedicine in Alabama and abolishing the “special purpose license” as of July 11, 2022. After July 11, 2022, any special purpose license in effect will be active until its expiration date, but upon expiration it will not be renewed. No new special purpose licenses will be issued after July 11, 2022. Relating to telemedicine services provided to patients located in Alabama, such services may only be initiated at the request of the patient or a referring physician. While no in-person examination is required to initiate the physician-patient relationship, there are certain verification, disclosure, and consent requirements for the use of telemedicine in Alabama. In addition, with the exception of mental health services, if telemedicine services are provided more than four times in one year to the same patient for the same condition, the physician must either see the patient in person within a reasonable period of time or refer the patient to a physician who can see the patient in person within a reasonable period of time. Prescriptions for controlled substances may only be issued as a result of a telemedicine visit if the visit includes audio or audio-visual communication using HIPAA compliant equipment with the prescriber, the prescriber has had at least one in-person visit with the patient within the past 12 months, and the prescriber has a legitimate medical purpose for issuing the prescription. All telemedicine visits must be documented in accordance with medical record requirements. Additional information is available here.

Source: Alabama Board of Medical Examiners & Medical Licensure Commission

For more information on these "Helpful Hints" topics, please contact Kelli Fleming in our Birmingham, AL office at (205) 458-5429 or

Subscribe to receive Burr & Forman's Health Care E-Note here.
Jump to Page

Contact Us

About Burr & Forman Cybersecurity & Data Privacy Law

Burr & Forman's experienced team helps clients navigate the complex cybersecurity and data privacy landscape with strategies designed to assess current risks, develop a corrective action plan, implement best practices, and provide immediate and appropriate responses to a cybersecurity breach.

We use cookies to improve your website experience, provide additional security, and remember you when you return to the website. This website does not respond to "Do Not Track" signals. By clicking "Accept," you agree to our use of cookies. To learn more about how we use cookies, please see our Privacy Policy.

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.