Healthcare data breaches occur on a daily basis in the US. Most healthcare providers expect it is a matter of “when” not “if” they will be impacted. The US Department of Health and Human Services reported 325 healthcare data breaches in in the first six months of 2021.  As the threat of being hacked increases, more health care providers are purchasing cyber liability insurance to protect against data breaches or online attack.

The timing could not be worse. With cyberattacks on the rise, and demand for coverage surging, the $3 billion cyber insurance industry is facing higher costs and substantially more risk than ever before. According to the National Association of Insurance Commissioners, premiums have more than doubled since 2015. Some companies report their policy premiums increasing 35% over prior year.  Almost all premiums climbed by double digits in 2020.

As a result of soaring losses, insurers are doing more due diligence on customer’s applying for coverage, raising prices, and limiting the liability coverage. Upper limits of $10M are really a thing of the past and policy holders are receiving notices that the coverage is being slashed to $5M or even less if the policy holder cannot demonstrate their compliance with data privacy standards and best practices.

Due to the uptick in ransomware losses, the underwriting process now often requires the applicant to provide written documentation of security audits, submission of incident security plans, disaster recovery plans, and compliance with industry standards like SOC or HITRUST. Some companies will find that they are unable to obtain cyber coverage at all.


Continue Reading Impact of Ransomware Attacks on the Cyber Liability Insurance Market

Winstead PC is collaborating with Texas Health Catalyst at Dell Medical School at The University of Texas at Austin to support entrepreneurs who are in the early stages of developing their healthcare technology products.

Spearheaded by Dr. Nishi Viswanathan, Texas Health Catalyst is based on a unique model focused on the development of early-stage

Big data entails nearly every aspect of commerce.  However, protecting big data as a form of intellectual property is complex.  For instance, patents, copyrights and trade secrets provide limited protection for datasets.  Moreover, the ownership of datasets can be uncertain.  Additionally, datasets may be subject to numerous regulatory laws.  In view of the aforementioned complexities, contractual agreements play a pivotal role in protecting and commercializing big data.

Big data is a valuable asset

Big data can be in many forms.  Such forms can include market data, consumer data, business records, health records, and experimental results.

Additionally, big data can find applications in numerous fields, including the healthcare and life sciences industries.  For instance, in the healthcare industry, data extracted from electronic health records can be supplied into a software with artificial intelligence (AI) or machine-learning algorithms for diagnostic applications, such as detecting early heart failure and predicting surgical complications[1].  Similarly, in the life sciences industry, DNA sequences generated through next generation sequencing techniques can be supplied to various AI-based software for the identification of potential drug targets[2].


Continue Reading Big Data as a Valuable Asset: Avenues for Protecting and Commercializing Big Data through Contractual Agreements

Winstead Shareholder Sarah Churchill Llamas presented a webinar for TMLT titled “New Law Impacting your Practice: Information Blocking.”  In the webinar, Sarah discusses the new Information Blocking rule that goes into effect on April 5, 2021. This rule affects patient access to data and system interoperability and it is intended to improve the electronic exchange

Winstead PC Shareholder Sarah Churchill Llamas recently spoke with Medpage today about the federal emergency orders in response to the Covid-19 pandemic that currently allow physicians to prescribe opioid medications to patients via telemedicine. An excerpt is below:

“In the COVID-19 era, under relaxed federal emergency orders, licensed clinicians have been able to prescribe opioid analgesics for their patients even if they’ve only ever seen the patient via telehealth, rather than in person.

For providers like Stephen Bekanich, MD, a palliative care physician for Ascension Texas in Austin, this provision allows him to help seriously ill patients without requiring in-person visits that may be difficult for them or could expose them or their caregivers to the virus.


Continue Reading Sarah Churchill Llamas in Medpage Today: Docs Can Prescribe Opioids Via Telemedicine, for Now

Background

The U.S. Department of Health and Human Services (HHS) recently finalized transformative rules that will give patients unprecedented safe, secure access to their health data. The rules are issued by the HHS Office of the National Coordinator for Health Information Technology (ONC) and Centers for Medicare & Medicaid Services (CMS) to implement interoperability and patient access provisions of the bipartisan 21st Century Cures Act (Cures Act).  These final rules mark the most extensive healthcare data sharing policies the federal government has implemented, requiring both public and private entities to share health information between patients and other parties while keeping that information private and secure. These final rules became effective as of June 30, 2020. NOTE: Due to the COVID-19 public health emergency, HHS has delayed enforcement until future dates.
Continue Reading How HHS Information Blocking Regulations Apply to Healthcare Providers

On June 30, 2020, Winstead PC attorney Sarah Churchill Llamas participated in a panel discussion—How to Increase Enterprise UX?—as part of the UX & Telehealth RapidConf. Discussions centered on telehealth and its overall market-effect in the rapidly evolving healthcare landscape. The panel was hosted by Fabien Beckers (Arterys), and included other panelists such as Laura Berrara (ECG Management), John Fryer (Lumeris), and Balint Bene (bene : studio). Here are a few key takeaways from the discussion:

Continue Reading UX & TeleHealth RapidConf | Key Takeaways