As Europe’s General Data Protection Regulation (GDPR) takes effect, companies around the world are racing to implement compliance measures. In parallel with the GDPR’s development, China’s new data protection framework has emerged over the past year and is in the final stages of implementing the remaining details. With similar and often overlapping obligations, full compliance with the GDPR and China’s data protection framework presents a significant new challenge for companies with operations in China.

Does the GDPR Apply to Companies in China?

The GDPR applies to the processing of personal data of people who are in the European Union, even for a controller or processor in China, where the processing of the data is related to:

  • The offering of goods or services to the data subjects in the European Union, regardless of whether a payment is required; or
  • The monitoring of people’s behavior in the European Union.

As a result, even if a Chinese company does not have any formal establishments in the European Union, the GDPR will nonetheless apply if it is conducting either of these two types of activities.

What Are the Requirements for Companies in China Subject to the GDPR?

The GDPR primarily focuses on two categories of entities: “controllers” and “processors.” These two types are similar to concepts in the Chinese rules.  “Controllers” are entities that, alone or jointly with others, determine the purposes and means of the processing of personal data. “Processors” are entities that carry out the processing of personal data on behalf of the controllers.

Key requirements for most controllers under the GDPR:
Continue Reading

Earlier this month, more than 45,000 attendees descended on Las Vegas, NV, for the nation’s largest annual health care technology conference: the 2018 HIMSS Conference & Exhibition (HIMSS18). Conversations and educational sessions covered a wide range of health tech topics, with thought leaders, solutions developers, health system executives, patient advocates and care providers coming together to discuss the myriad obstacles and opportunities facing the health care technology industry today.

On Tuesday March 6, during the HIMSS conference, McDermott Will & Emery along with our friends at Capstone Headwaters convened a panel discussion on “Financing High-Growth Healthcare IT Companies, which I had the pleasure of moderating. The seasoned mix of health care finance and private equity professionals discussed the various types and sources of capital available to fuel high-growth health IT organizations and how to choose the right mix of capital to support a company’s growth needs. We also reviewed the legal and regulatory implications for investments in health care IT companies, and discussed considerations for optimal positioning in a value-based care environment. 
Continue Reading

Last week, the US Court of Appeals for the DC Circuit issued a long-awaited decision on an omnibus challenge to the FCC’s interpretation of the TCPA. While the decision provides some relief for businesses, it does not eliminate the prospect of TCPA liability and leaves important TCPA interpretive questions unresolved. Businesses should continue to be

Designed to provide business leaders and their key advisors with the knowledge and insight they need to grow and sustain successful digital health initiatives, we are pleased to present The Law of Digital Health, a new book edited and authored by McDermott’s team of distinguished digital health lawyers, and published by AHLA.

Visit www.

What if you didn’t have to take time out of your day to see a physician in person when you needed a prescription? What if a diagnosis could be delivered over video chat? What if your psychiatrist was available at the press of a button or swipe on your screen?

These options are fast becoming a reality, as telehealth (or telemedicine) continues to take hold in a health care system that is desperate for increased efficiency and higher quality outcomes. And while telehealth offers exciting new possibilities in terms of convenience and access for patients, it also poses new regulatory challenges for industry stakeholders still learning the new rules of the game in today’s digital health ecosystem.

The Chronic Care Act

One of the biggest drivers of change in the industry right now is the Chronic Care Act. Last month, as part of the House and Senate budget deal to fund the government through March 23, legislators included the Creating High-Quality Results and Outcomes Necessary to Improve Chronic (CHRONIC) Care Act of 2017, which will increase reimbursement for a lot of different telemedicine programs.

For example, if you went to a rural hospital and they didn’t have a stroke neurologist and you were having a stroke, you would have an ED doctor with no stroke specialty diagnosing you—not an ideal situation. With telemedicine, it’s now possible for rural doctors to consult with specialty doctors at renowned sites, which the government will fund thanks to the Chronic Care Act.
Continue Reading

The explosion in digital health solutions that connect consumers with licensed health care providers (e.g., nurses, nutritionists, physicians) and laypersons who have certain informal training (e.g., wellness guide, lifestyle coach, outreach partner) has the potential to blur the lines between what constitutes the practice of a licensed health care profession and what does not (usually because the service is intended to be merely informational or educational). Why does it matter which side of the line a particular service falls on? If a service is one that is delivered by a licensed health care professional, there are various state laws and regulations that may govern the activity, and different potential causes of action that may apply in the event a consumer/patient is injured in the process.

  1. If a digital health solution connects a consumer to an individual who is engaged in an activity that is normally performed by a licensed health care professional, state laws and regulations governing health care professionals likely apply.

As background, state professional boards regulate individuals who deliver health care services to the public (e.g., nursing, psychology, medicine, phlebotomy). What falls within the definition of a specific health care service can be very broad and varies state to state. 
Continue Reading

This past fall, after months of speculation, President Trump declared the opioid crisis sweeping the United States a national public health emergency. Upon the president’s declaration, Acting Health and Human Services Secretary Eric D. Hargan made a formal declaration under Section 319 of the Public Health Service Act, making available an exception to the

The opioid epidemic is making the United States acutely aware of the horrors of substance abuse disorders and the limited means of treating the individuals suffering from addiction. Rural America is among the places hit hardest by opioid addiction while also having limited access to mental and behavioral health providers.

Telemedicine offers a viable solution

On February 9, 2018 after a brief shutdown, Congress passed and President Trump signed the Bipartisan Budget Act of 2018, a two-year budget agreement that includes funding for the operation of the federal government until March 23, 2018. The law includes significant health care policy changes impacting Medicare, Medicaid and other federal health agencies. In addition to raising federal spending caps enacted in the Budget Control Act of 2011, this legislation includes additional spending for health care priorities. Here we break down some of the changes affecting telehealth.

Expanded Access to Telehealth Stroke Services

The new law expands, beginning in 2019, the ability of patients presenting with stroke symptoms at hospitals or mobile stroke units to receive a timely telehealth consultation with a neurologist in order to determine the best course of treatment. The provision eliminates the current geographic restriction that limits originating sites to rural areas, meaning distant site providers delivering telestroke services could receive a professional fee for delivering the consultation to patients located anywhere in the United States, provided that the other Medicare telehealth coverage requirements are satisfied (e.g., type of provider, type of technology).
Continue Reading

Stephen Bernstein, global chair of McDermott’s Health Industry Advisory Practice Group, sat down with This Week in Health Innovation at the J.P. Morgan Healthcare Conference in San Francisco.

Stephen and Dr. Andre Berger, CEO of National ACO, discussed the role of advancing technologies in enhancing collaboration between key players in digital health—including doctors, heath plans,