President Trump declared the opioid addiction epidemic a public health emergency yesterday. The White House made it clear that this declaration would allow officials to remove barriers to the prescribing of controlled substances via telemedicine, which would permit DEA registered providers to prescribe anti-addiction medications, such as Naloxone, to patients in need without first performing an in-person exam.

As background, the Ryan Haight Online Pharmacy Consumer Protection Act of 2008 (the Haight Act) requires a telemedicine provider who is prescribing a controlled substance to a patient to perform an in-person medical evaluation of the patient prior to prescribing a controlled substance, unless one of the narrow telemedicine exceptions set forth in the Haight Act applies. Additional information on the Ryan Haight Act and the implications of this declaration can be found here.

There are many important questions remaining to be answered, including whether any funding will be available to support the implementation of this declaration and whether the declaration will be renewed upon its expiration in 90 days. The answers to these questions are important to healthcare providers who will need to invest resources and time into developing telemedicine programs to reach more substance use disorder patients, which may take longer than 90 days to implement.

Following the first enforcement actions by local authorities in Shantou and Chongqing for violations of the new Network Security Law that came into effect this year, authorities in China have recently shown a clear initial focus with several new cases targeting provisions of the law that require monitoring of platform content. As of the start of October 2017, enforcement actions by authorities in China have targeted platform content violations in nearly 70 percent of all actions under the new provisions of the data protection rules.

 

Continue Reading China Data Protection Enforcement Update – A Focus on Platform Content

The US Department of Transportation’s National Highway Traffic Safety Administration recently released A Vision for Safety 2.0, an update to its prior guidance on automated driving systems. The new guidance adopts a voluntary, flexible approach to regulation of automated driving systems and clarifies that it alone, and not the states, is responsible for regulating the safety design and performance aspects of such systems.

Continue Reading

Although the incorporation of technology into human endeavours—commercial, political and personal—is a normal component of technological innovation, the advent of artificial intelligence technology is producing significant challenges we have not felt or understood with earlier innovations. For many years, for example, there has been speculation, research and public debate about the impact of the internet, the functioning of search engines, and online advertising techniques on commercial and political decisions.

The alleged “hacking” of the 2016 US presidential election, and the concerns about such activities in the 2017 European elections, will only heighten the interweaving discussions on free speech, national sovereignty, cyber security and the nature of privacy.

The use of artificial intelligence and machine-learning technologies has only added to the list of issues and areas of concern. The consequences of automobile accidents involving “self-driving” technologies, the “flash crashes” on securities markets due to algorithmic trading, and bias in systems designed to determine benefit eligibility, are requiring us to consider what happens when we defer judgment to machines, and highlighting the importance of quality in data sets and sensors.

Continue Reading

Read Full International News, Fall 2017

The government is continuing to ask for more help from the private sector to defend against cyber attacks. The National Infrastructure Advisory Council (NIAC) recently published a report discussing current cyber threats and urging private companies and executives to join forces with the government to better address those threats. The report proposes “public-private and company-to-company information sharing of cyber threats at network speed,” among other things discussed here.

Continue Reading

On 6 August 2017, the UK government released ‘The Key Principles of Vehicle Cyber Security for Connected and Automated Vehicles’, guidance aimed at ensuring minimum cybersecurity protections for consumers in the manufacture and operation of connected and automated vehicles.

Connected and automated vehicles fall into the category of so-called ‘smart cars’. Connected vehicles have gained, and will continue to gain, adoption in the market and, indeed, are expected to make up more than half of new vehicles by 2020. Such cars have the ability through the use of various technologies to communicate with the driver, other cars, application providers, traffic infrastructure and the Cloud. Automated vehicles, also known as autonomous vehicles, include self-driving features that allow the vehicle to control key functions–like observing the vehicle’s environment, steering, acceleration, parking, and lane changes–that traditionally have been performed by a human driver. Consumers in certain markets have been able to purchase vehicles with certain autonomous driving features for the past few years, and vehicle manufacturers have announced plans to enable vehicles to be fully self-driving under certain conditions, in the near future.

Continue Reading UK Government Issues Cybersecurity Guidance for Connected and Automated Vehicles

The Enhanced Nurse Licensure Compact (Compact) has now been adopted by 26 states, which means the Compact will be taking effect on January 19, 2018. Nurses who seek to practice telemedicine and deliver in-person care across state lines and who meet the Compact’s licensure requirements in these states will have one less obstacle to overcome going forward.

The Compact is an updated version of the original compact allows for registered nurses (RNs) and licensed practical/vocational nurses (LPN/VNs) to have one multistate license, which will enable them to practice nursing in person or via technology (e.g., videconference) in both their home state, as well as the other Compact states. Development and implementation of the Compact was not an easy feat, given the need for alignment of licensing standards across the Compact states, including federal and state fingerprint-based criminal background checks.

The 26 states participating in the Compact as of today are Arizona, Arkansas, Delaware, Florida, Georgia, Idaho, Iowa, Kentucky, Maine, Maryland, Mississippi, Missouri, Montana, Nebraska, New Hampshire, North Carolina, North Dakota, Oklahoma, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, West Virginia and Wyoming.

For more information about the Compact, please visit: https://www.ncsbn.org/11070.htm.

Last Tuesday afternoon, the US Food and Drug Administration (FDA) held a webinar to outline a recently-published Digital Health Innovation Action Plan (Plan). In the Plan, the agency recognized that the traditional regulatory approach toward moderate and high risk medical devices is not well suited for the fast-paced, iterative design, development and type of validation used for digital health software products today. Going forward, the agency plans to explore an innovative approach to regulating these types of products. The approach contains three primary prongs: (1) the issuance of new guidance, (2) the Digital Health Software Precertification Program and (3) an internal expansion of FDA’s digital health capabilities.

The webinar was presented by Bakul Patel, Associate Director for Digital Health at FDA. At least 905 attendees logged in to the webinar. Continue Reading FDA Outlines the New Digital Health Innovation Action Plan and Software Precertification Pilot Program

New technologies and the expansion of the Internet of Things have allowed children of this generation to experience seamless interactive technologies through microphones, GPS devices, speech recognition, sensors, cameras and other technological capabilities. These advancements create new markets for entertainment and education alike and, in the process, collect endless amounts of data from children–from their names and locations to their likes/dislikes and innermost thoughts.

The collection of data through this Internet of Toys is on the tongues of regulators and law enforcement, who are warning parents to be wary when purchasing internet-connected toys and other devices for children. These warnings also extend to connected toy makers, urging companies to comply with children’s privacy rules and signaling that focused enforcement is forthcoming.

Federal Trade Commission Makes Clear That Connected Toy Makers Must Comply with COPPA

On June 21 2017, the Federal Trade Commission (FTC) updated its guidance for companies required to comply with the Children’s Online Privacy and Protection Act (COPPA) to ensure those companies implement key protections with respect to Internet-connected toys and associated services. While the FTC’s Six Step Compliance Plan for COPPA compliance is not entirely new, there are a few key updates that reflect developments in the Internet of Toys marketplace. Continue Reading Regulating the Internet of Toys

On May 31, 2017, the US Department of Justice announced a Settlement Agreement under which eClinicalWorks, a vendor of electronic health record software, agreed to pay $155 million and enter into a five-year Corporate Integrity Agreement to resolve allegations that it caused its customers to submit false claims for Medicare and Medicaid meaningful use payments in violation of the False Claims Act.

Read the full article.