Health Law Advisor

Data is king!  A robust privacy, security and data governance approach to data management can position an organization to avoid pitfalls and maximize value from its data strategy. In fact, some of the largest market cap firms have successfully harnessed the power of data for quite some time.  To illustrate this point, the Economist boldly published an article entitled “The world’s most valuable resource is no longer oil, but data.”  This makes complete sense when research shows that 90% of all data today was created in the last two years, which translates to approximately 2.5 ...

In a major decision sure to provoke controversy and legislative attempts to overrule it, the en banc Seventh Circuit, by a vote of 8 to 4, has held in Kleber v. CareFusion Corp., (No. 17-1206, Jan 23, 2019), that Section 4(a)(2) of the federal Age Discrimination In Employment Act ("ADEA") does not provide rejected external applicants with a cause of action.

The case was brought by Dale Kleber, a 58 year old applicant who applied for a position at CareFusion. The job description allegedly “required applicants to have ‘3 to 7 years (no more than 7 years)’” of relevant experience.

The ...

On December 11, 2018, the Food and Drug Administrative (“FDA”) issued a draft guidance for comment entitled, “Biomarker Qualification: Evidentiary Framework” (the “Guidance”).  The Guidance provides insight regarding standards for biomarker qualification under the 21^st Century Cures Act (“Cures Act”).

FDA defines the term “biomarker” as a “characteristic that is measured as an indicator of normal biological processes, pathogenic processes, or responses to an exposure or intervention, including therapeutic interventions.” There are various ...

Recently, the U.S. Department of Health & Human Services (“HHS”) issued guidance for healthcare cybersecurity best practices.  As required under the Cybersecurity Act (CSA) of 2015, this four-part guidance was generated by a Task Group charged with the following:

1. Examining current cybersecurity threats affecting the healthcare and public health sector;
2. Identifying specific weaknesses that make healthcare and public health organizations more vulnerable to cybersecurity threats; and
3. Providing certain practices that cybersecurity experts rank as most effective ...

On October 18, 2018, the FDA published Content of Premarket Submissions for Management of Cybersecurity in Medical Devices.  This guidance outlined recommendations for cybersecurity device design and labeling as well as important documents that should be included in premarket approval submissions.  This guidance comes at a critical time as the healthcare industry is a prime target for hackers.  On January 22, 2019, the U.S. Department of Homeland Security Industrial Control System Cyber Emergency Team (US-CERT) issued another advisory regarding medical device ...

The federal government entered into a partial shutdown at midnight on Saturday, December 22, 2018. The implications of the ongoing shutdown are far-reaching, but its impact on the Food and Drug Administration (“FDA”) is of particular concern to members of FDA-regulated industries and those with a role in ensuring the public health. Thousands of FDA employees considered non-essential were furloughed and, consequently, routine regulatory and compliance activities at FDA were put on hold. On his Twitter account (@SGottliebFDA), Scott Gottlieb, M.D., Commissioner of the FDA ...

On December 7, 2018, the U.S. Food and Drug Administration (“FDA”) published a proposed rule (“Proposed Rule”) that, if finalized, would clarify the de novo classification process for medical devices, including (1) the format and contents of a de novo request and (2) the criteria for accepting or denying a de novo request. FDA intends to “enhance regulatory clarity and predictability... [and] provide a regulatory framework that sets clear standards, expectations and processes for de novo classification” through this proposed rulemaking.[1]

FDA regulates medical ...

According to a report by West Monroe Partners, approximately 40% of companies engaged in corporate transactions reported finding a cybersecurity issue during post-acquisition integration of the target company.  While companies routinely conduct robust transactional due diligence to manage legal risk, many fail to adequately conduct cybersecurity due diligence. As a consequence, many companies and investors are leaving themselves vulnerable to potentially severe latent cyber risks.

Cybersecurity is especially relevant in healthcare transactions as the industry ...

On December 18, 2018 the Food and Drug Administration (“FDA”) finalized guidance on its existing Breakthrough Device Program and announced plans for advancement of the Safer Technologies Program (“STeP”).  In the announcement, FDA Commissioner Scott Gottlieb emphasized the FDA’s efforts to promote innovation in medical devices that advance patient safety. This new medical device guidance could signal a year of opportunity for innovative medical device manufacturers that seek to advance patient safety.

Breakthrough Device Program

The Breakthrough Device ...

As 2019 begins, companies should seriously consider the financial and reputational impacts of cyber incidents and invest in sufficient and appropriate cyber liability coverage. According to a recent published report, incidents of lost personal information (such as protected health information) are on the rise and are significantly costing companies. Although cyber liability insurance is not new, many companies lack sufficient coverage. RSM US LLP, NetDiligence 2018 Cyber Claims Study (2018).

According to the 2018 study, cyber claims are impacting companies of all sizes ...