Author: hljwebcontent

OCR Sends Message of Compliance to Dental Practices in violation of Patient Right of Access Under HIPAA

Kendall Warden, Class of 2024, Belmont Law

On September 20, 2022, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) sent a public message to dental practices in violation of HIPAA Privacy Rule’s patient right of access provision. The OCR did this by publicizing the result of investigations into three dental practices throughout the United States. These investigations concerning patient right of access violations are part of a collective effort to encourage medical providers to remain compliant with the HIPAA Rules and minimize the need for patients to file complaints with OCR to receive their medical records.  


In general, the Privacy Rule’s patient right of access provision requires covered entities in possession of protected health information (PHI) to provide individuals access to their PHI upon request. While there is no private right of action for individuals affected by HIPAA Privacy Rule violations, filing a complaint with the OCR gives patients an alternative means of resolving disputes when covered entities fail to timely or adequately provide access to PHI. 


The first of the three cases involved Family Dental Care, P.C., located in Chicago, Illinois. A patient of the dental practice requested her full medical record in May 2020, but she received only bits and pieces of her records. After realizing large portions of her records were missing, the patient filed a complaint with OCR on August 8, 2020. During OCR’s investigation, the dental practice provided the patient with the remainder of her medical records. The patient did not receive her full medical records until a complaint had been filed and more than five months had gone by since the initial request. OCR determined that Family Dental Care did not timely provide patient access to the request medical records, and therefore, potentially violated HIPAA Privacy Rule’s patient right of access provision. Family Dental Care ended up paying a $30,000 fine and agreeing to implement a corrective action plan.  


The second investigation involved a dental and orthodontics provider located in Georgia, Great Expressions Dental Center of Georgia, P.C. In November 2019, a patient requested her medical records from the dental practice. The practice refused to provide the medical records unless the patient paid $170 copying fee, so the patient filed a complaint with OCR in November 2020. Over a year later, in February 2021, the practice finally provided the patient with her medical records. Through its investigation, OCR determined Great Expressions Dental Center of Georgia failed to provide timely access to the patient’s requested medical records, and its copying fees are unreasonable and not cost-based. Both determinations are potential HIPAA violations. The Georgia practice paid an $80,000 fine and also agreed to implement a corrective action plan. 


The third case concerns Paradise Family Dental, a dental practice located in Las Vegas, Nevada. On behalf of her minor child, a mother requested the child’s PHI from Paradise Family Dental several times between April 11, 2020, and December 4, 2020, but she did not receive any portion of her child’s records. On October 26, 2020, the mother filed a complaint with OCR, in response to Paradise Family Dental’s inaction, detailing the practice’s failure to provide access to the child’s PHI. More than eight months after the initial request, the mother finally received the child’s records on December 31, 2020. OCR determined that the practice failed to timely and adequately provide the mother access to her child’s medical records amounting to a potential HIPAA violation. The practice paid a $25,000 fine and also agreed to implement a corrective action plan. 


The trend among these investigations seems to be that once a complaint is filed, providers turn over the requested records. Granted, they will be forced to pay a large fine for the delay. However, OCR seems to be determined to increase compliance with the patient right of access provision and minimize the need for patients to file a complaint with OCR in order to receive their medical records. Hopefully, these investigations got OCR’s message of compliance across, and providers will be more willing to provide patients with timely access to their own information (and to avoid large fines). 



 Works Cited:,or%20for%20the%20covered%20entity  

Monkeypox Declared a Public Health Emergency

Shane Richards, Class of 2023, Belmont Law

On August 4, 2022, the Biden administration declared Monkeypox a public health emergency, with over 8,900 cases being reported across the United States and many more cases being reported globally. The declaration came on the heels of the World Health Organization declaring Monkeypox a “public health emergency of international concern.” A couple months later, the number of cases has nearly tripled to 26,577 across the United States, as reported by the CDC. That is only the number of cases at the time of writing this blog, as the total continues to increase every day. This puts the United States in a unique, yet worrisome, position of facing two national health emergencies at the same time: COVID-19 and Monkeypox.

Specifically, the Health and Human Services Secretary (“HHS”), Xavier Becerra, made the decisive announcement, being empowered by the Biden administration to “explore very option on the table to combat the monkeypox outbreak and protect communities at risk.”  Pursuant to the Public Health Services Act, this declaration will allow the HHS to pursue available options and to better coordinate a national response. Specifically, § 319 allows the HHS to “take such action as may be appropriate” to combat public health emergencies, opening up new avenues for the administration to fund treatment research and get vaccines to effected areas. This initiative is also working in concert with the FDA’s new strategies for the creation and distribution of vaccines. In fact, the FDA has been able to create and prepare a vaccine much faster than with COVID-19. The declaration of a public health emergency will help to expedite the distribution of these new vaccines to the most effected parts of the country. Further, the declaration will allow the HHS to coordinate a national response through vital data sharing agreements with all fifty-one jurisdictions.

If these measures prove inadequate to deal with the emergency, then it’s possible that the HHS could invoke powers under the Public Readiness and Emergency Preparedness Act to increase access to treatment. The President could also invoke emergencies powers, granted by various acts, to increase production of vital medical equipment and vaccines. However, it is not yet clear whether such declarations will be necessary.

It would seem that the Biden administration, and other federal institutions, have learned several valuable lessons from the COVID-19 epidemic, having allocated more than one million vaccine doses in total and organized a united administrative strategy to directly deal with it. However, despite these measures, these institutions are still failing to fully cut this emergency off at the pass, which is why Monkeypox continues to make headlines. The COVID-19 pandemic revealed that the United States lacked vital infrastructure to deal with such public health emergencies, particularly on at the level of a pandemic. Though some efforts have been made to correct some of those fatal mistakes, the response to Monkeypox has faltered in some key areas. Particularly, funding, information sharing, and the procurement of ample supplies, particularly vaccines, have slackened behind. The above-described declarations are designed to relieve these issues before they get too bad, but time will tell if these measures have been taken in a timely fashion or if certain lessons remain to be learned.

Works Cited:,monkeypox%20have%20been%20identified%20in%20the%20U.S.%202

New Precedent: Pharmacy Chains Held to Create a Public Nuisance in Opioid Crisis

Kendall Warden, Class of 2024, Belmont Law

The United States District Court Northeastern District of Ohio, Eastern Division, in a giant MDL encompassing 11 bellwether trials, issued an abatement order on August 17 mandating three giant pharmacy chains to pay a combined $650 million dollars towards the opioid crisis.


This specific track three bellwether trial in the Northern District of Ohio decided: “(1) only public nuisance claims (2) against only the pharmacy defendants (3) in their roles as distributors and dispensers.” After receiving briefs on whether the trial should be to a jury or a bench, the Court concluded “that public nuisance liability will be determined by the jury,” and “if liability attaches, the Court will separately fashion remedies.”


Plaintiffs in this case, Lake County and Trumbull County, sued defendants alleging their actions “led to a severe oversupply of prescription opioids, which ultimately created a public nuisance.” The original defendants included Rite Aid and Giant Eagle, but both companies settled before Phase I of trial. This left CVS, Walgreens, and Walmart as the remaining defendants proceeding to trial. After a six-week presentation of evidence and one week deliberation, the jury found for Plaintiffs and against all three of the defendants. The jury specifically concluded, “that: (1) oversupply of legal prescription opioids, and diversion of those opioids into the illicit market outside of appropriate medical channels, is a public nuisance in [the Plaintiff counties]; and (2) each of the three defendants (CVS, Walmart, and Walgreens) engaged in intentional and/or illegal conduct which was a substantial factor in producing the public nuisance. The jury clearly affirmed that all three defendants had “caused a significant and ongoing interference with a public right to health or safety that is ongoing today. CVS, Walgreens, and Walmart all filed motions claiming the verdict was not supported by the weight of the evidence and requesting a new trial. The Court denied the motions.


In Phase II of the trial, the Court pointed out the depth and extent of the opioid crisis. Specifically, that even if Defendants were found to have created the opioid crisis, there is no possible way they could abate the crisis themselves without additional, and extensive, financial resources. The Court detailed its goal was to provide injunctive relief with the objective not to compensate Plaintiffs for past harm, an award of damages, but instead to offset the costs of abating the nuisance. This is the purpose of an abatement remedy. The scope of an effective abatement remedy in this case includes programs and interventions that will lessen or remove the nuisance condition Defendants created. To no avail, the Court, after providing multiple opportunities to do so voluntarily, ordered the three pharmacy defendants to submit a proposed abatement plan. Frustratingly, “the Defendants did not even attempt to suggest any plausible lesser alternatives,” than Plaintiffs’ expensive, proposed abatement plan.


Plaintiffs’ plan requires Defendants to fund programs to decrease OUD and addiction from the Counties’ populations. Specifically, the effective proper scope includes funding programs for (1) “treatment of those suffering from opioid addiction or OUD, including funding of programs to identify and connect with those individuals; and (2) prevention of opioid abuse and opioid recidivism.” Despite Defendants’ objections that the Court was backhandedly awarding damages to Plaintiffs, the Court’s abatement remedy will inevitably cost Defendants money. Approximately a combined amount of $650 million dollars to be precise.

This is the first time pharmacy chains have been on the hook for paying towards the opioid crisis, and it will be interesting to see how wide the door will open now that it has been cracked. Maybe when a court asks you to provide a reasonable plan, you should provide a reasonable plan.


Azariah Bridgewater, Class of 2024, Belmont Law

From the beginning of the COVID-19 pandemic until now, federal funding has fronted the cost for all persons within the United States to receive vaccines and boosters without payment or proof of insurance. The widespread availability of free COVID-19 vaccines may, however, come to a halt in early 2023 since Congress has not made any plans to fund the purchase of additional vaccines. Consequently, pharmaceutical companies, such as Pfizer Inc. and Moderna Inc., have begun taking steps to commercialize the sale of vaccines and vaccine-related products.

The commercialization of COVID-19 vaccines, tests, and treatments means that they will become available through typical healthcare channels. One byproduct of this transition is that pharmaceutical companies are likely to increase vaccine costs. For example, the federal government currently pays approximately $16.50 per dose of the Moderna vaccine. Once the vaccine is commercialized, Moderna’s CEO anticipates a $60 cost associated for each dose. This forty-dollar price increase will inevitably lead to higher healthcare insurance premiums. 

While many healthcare insurance premiums are likely to increase, the uninsured may soon find that they are unable to obtain vaccination or other COVID-19 treatments. Although federal government officials in charge of managing the transition between federally and privately funded vaccine availability do not desire restricted vaccine access for the uninsured, it is currently unclear what options the uninsured will have. What we know now is that Congress intends to lighten the burden of vaccine and treatment costs through cost-sharing, the Centers for Disease Control and Prevention intends to provide vaccines for uninsured adults and children as long as funding lasts, and the Association of Immunization Managers is dedicated to make sure that the vaccine and COVID-19 related resources are available to all who need them. 

 Works Cited 

Fifth Circuit: Christian Medical Groups Cannot Be Punished for Refusing Abortions and Gender Reassignment Surgery

Shane Richards, Class of 2023, Belmont Law

On August 26, 2022, the Fifth Circuit Court of Appeals handed down a ruling holding that the United States Government cannot punish Christian medical providers for refusing to conduct abortions and gender reassignment surgery. The Court held that punishing a Christian hospital for not conducting such operations would deprive such groups of their religious freedom and constitute a “per se irreparable harm.” It is well established that, while an abortion is a constitutional right, the government cannot force a doctor to provide an abortion against their religious beliefs. Further, most states have enacted statutes to protect doctors from civil actions that may result from a refusal to provide an abortion because of sincerely held religious beliefs. This case, however, reinforces another wrinkle in abortion law and drags another hotly debated topic into the spotlight for discussion: gender reassignment surgery.

This long-running case began in May, 2016, and has spent the last six years winding its way through the system, being remanded to the district court twice. The case began with the HHS’s interpretation of Section 1557 of the Affordable Care Act (“ACA”), which prohibited health care programs receiving federal funds from discriminating against patients “on the basis of sex.” In 2016, the HHS interpreted the rule to include discrimination on the basis of “termination of pregnancy” and “gender identity.” Groups of Christian Medical and Dental associations filed suit for a permanent injunction, challenging the validity of the HHS’s interpretation on religious grounds under the First Amendment, RLUIPA, and RFRA. Throughout the litigation and several administrations, the HHS’s issued several rules on its interpretation in light of new and pending litigation. Then, in March, 2022, the HHS issued a “Notice and Guidance on Gender Affirming Care,” holding that the refusal to give gender-reaffirming care, such as gender reassignment surgery, likely violates Section 1557. Questions of mootness arose because of the various alterations and the HHS asserted that it had not decided whether it would actually enforce Section 1557 against Christian medical providers. The Court rejected this argument.

The HHS also argued that the district court erred in granting a permanent injunction based upon the statute rather than just vacating the 2016 Rule, thereby granting relief beyond the scope of the complaint. However, the Court likewise dismissed this argument, holding that a challenge to an agency’s regulation is necessarily a challenge to the underlying statute as well. In short, the Government cannot eliminate one’s standing by altering an agency’s interpretation of the statute.

With those more procedural questions out of the way, the Fifth Circuit then dedicates only a paragraph to the more substantive part of the ruling that has captured some headlines: that the Government cannot punish Christian doctors, by way of withholding otherwise available federal funds and participation in ACA exchanges, for refusing to conduct abortions and gender reassignment surgeries. The portion of the ruling concerning abortion comes as no surprise and is a logical extension of the general rule that the Government cannot force or coerce a doctor from going against his or her sincerely held religious beliefs concerning abortion.

However, the more interesting part of the holding concerns gender reassignment surgery, making an addition to the growing number of federal cases concerning the constitutionality of gender reassignment surgery and gender identity. This case may be a harbinger for things to come as similar tensions between religious freedom and other constitutional rights also characterize gender reassignment surgery. It certainly, at a minimum, places these questions of gender reassignment surgery under consideration next to abortion, giving it a sort of publicity by proxy. This decision comes only three years after the Campbell v. Kallas decision from the Western District Court of Wisconsin, which mandated that a prison inmate be given the opportunity to undergo gender reassignment surgery. The Court held that prior failures to provide that surgery violated the prisoner’s Eight Amendment protections. However, the Campbell decision has been distinguished in other cases before the Seventh Circuit. Likewise, a case out of the Northern District of Indiana held the opposite of the Wisconsin Court in Renee v. Neal, holding that receiving gender reassignment surgery is not a “clearly established federal constitutional right.” This area of law is still burgeoning, but it will be interesting to see where it goes. Judging by its inclusion next to abortion in this case, similar legal contours may emerge to accommodate the widening acceptance of gender reassignment surgery as a necessary operation protected, to some extent, under the Constitution.

Works Cited:

Franciscan All., Inc. v. Becerra, No. 21-11174, 2022 U.S. App. LEXIS 24142 (5th Cir. Aug. 26, 2022).

Top of Form

Renee v. Neal, 483 F. Supp. 3d 606 (N.D. Ind. 2020).Bottom of Form

How the FTCA Impacts Veterans Rights to Recover for Medical Negligence

Carissa Kohne, Class of 2022, Belmont Law

In 1946, congress passed the Federal Torts Claim Act (FTCA). The purpose of the FTCA was to allow citizens to recover from the government when a government employee engaged in tortious activity.[1] Prior to the FTCA, sovereign immunity barred individuals from receiving compensation for the tortious acts of government employees, which meant citizens could not recover for injuries caused to them, merely because they were caused by a government employee, and not a private citizen.[2] Therefore, Congress passed the FTCA to allow citizens to sue the government in federal court for the tortious acts of its employees and to recover from the government in the same way as they would be able to recover from a civilian for similar activities.[3]  Nevertheless, the FTCA barred veterans from being able to recover from the Department of Veterans Affairs for injuries caused by medical negligence without first going through an administrative process.[4] As a result of the administrative process, many veterans have received compensation for their injuries at a rate that is far below fair market value.[5]

The Department of Veterans Affairs (VA) current administrative process is fraught with obstacles which prevent a veteran from adjudicating their claim quickly and efficiently.[6] Under the FTCA, before a veteran is ever allowed through the courthouse doors, the veteran is required file and administrative claim via the VA’s Form-95—or using the forms format–, and to await a decision from the VA,, before the veteran can file the claim in a federal court.[7] It is important to note that negligence claims against the United States by non-veterans against the government need not file a Form-95 nor are the claims required to be administratively reviewed before being adjudicated.[8]

The Form-95 must contain: 1) a detailed account as to the allegations being made; 2) the specific amount of money that the veteran is requesting in damages, known as a “sum certain;” 3) the signature of either the veteran or their attorney representative.[9] The individual must then mail the form to the VA’s office of general counsel in DC.[10]

After the veteran sends the Form-95, the VA is allowed six months to decide whether they will grant the veteran’s request for damages.[11] Only when the VA has issued a decision as to whether the VA will deny, settle, or grant the damages requested in the claim can an individual bring the case to a federal court.[12]

Unfortunately, there is an incentive for veterans to settle administratively because the administrative process is supposed to take no more than six months, whereas a lawsuit could last for years.[13] Because some victims of medical malpractice have little time left to live—like Thomas Breen who could not get receive timely care and died from cancer as a result–, and other victims are like children who would rather take one cookie than wait for the entire box of cookies, the VA’s administrative process leads to many veterans waiving their right to due process in exchange of an inadequate settlement in the present because they do not want or do not have time to wait an additional six months before beginning the arduous judicial process.[14]  This results in veterans receiving less than $150,000, on average, for administrative claims, when they should be receiving $500,000 through the judicial system, or some fair settlement agreement that is in between the two options.[15] The VA’s unfair administrative process thus results in veterans receiving less in damages than they deserve.

[1] Brown, Paul Michaelson, Federal Torts Claim Act  usab5806.pdf ( (last visited Mar 30, 2022).

[2] Id.

[3] Id.

[4] Id.

[5] Id.

[6] Thomas Law Offices, Veteran malpractice: Filing a VA tort claim Thomas Law Offices (2021), (last visited Apr 8, 2022).

[7] Id.

[8] Id.

[9] Id.

[10] Id.

[11] Id.

[12] Thomas Law Offices, Veteran malpractice: Filing a VA tort claim Thomas Law Offices (2021), (last visited Apr 8, 2022).

[13] VETERANS AFFAIRS (VA) HOSPITAL MALPRACTICE LAWSUIT THE SCHMIDT FIRM, PLLC,,negligent%20doctor%2C%20you%20may%20be%20entitled%20to%20compensation. (last visited Apr 8, 2022).

[14] Price, Kaitlan COMMENT: FERES: THE “DOUBLE-EDGED SWORD”, 125 Dick. L. Rev. 745

[15] Id.

From Paper Restraints to Electronic Ransoms

Shane Richards, Class of 2023, Belmont Law

Just shy of one year ago, the nation’s largest fuel pipeline was ground to a halt because of a criminal ransomware attack. In May 2021, Colonial Pipeline’s system transported 100 million gallons of gasoline per day, supplying gas for 50 million people in America’s southeast and meeting about 45% of the East Coast’s demand for gas.. The ransomware attack brought an abrupt halt to that supply, spurring panic buying and gas shortages. According to a consulting firm, Colonial’s cybersecurity was described by one consultant as being so bad “an eighth-grader could have hacked into the system,” despite recent efforts to improve such security. Colonial Pipeline only resumed operations after paying a $4.4 million dollar ransom to the criminal hackers that shut down the system.

Luckily, the panic buying caused more problems than the actual stoppage and life quickly returned to normal for most American’s effected. However, this incident is not an anomaly. Similar ransomware attacks “have reached epidemic levels,” according to the Associated Press, “as foreign criminal gangs paralyze computer networks at state and local governments, police departments, hospitals …” Following the Colonial Pipeline incident, U.S. officials have expressed concerns that many other organizations have also failed to invest in adequate safeguards, similar to Colonial Pipeline. Organized crime is not the only concern when it comes to ransomware attacks. U.S. officials have noted their concerns that state-backed hackers could do even more damage if given the chance.

One year later, anxiety over cyber security is being raised once again as Russia deploys ransomware attacks against Ukraine. In a March 1, 2022, Analyst Note, the Department of Health & Human Services (“HHS”) examined the two variants of malware that has been used against Ukraine over the past few months, HermeticWiper and WhisperGate. Although there is no specific threat currently known, the HHS identified three potential threat groups: the Russian Government, the Belarussian Government, and criminal organizations operating in Russian territories. The two variants of malware employed by these organizations are classified as “disk-wiping” malware, which is characterized by its ability to completely delete data from the devices it infects. The HHS notes that these two variants are the most likely to impact the health care industry.

These concerns are being reraised as some hail this year as a transformative one for health information technology. Since the passage of the HITECH Act and the 2011 launch of the Medicare and Medicaid Electronic Health Records (“EHR”) incentive programs, 90% of hospitals and health care providers have switched to utilized EHR systems, storing more and more sensitive patient information in electronic systems. It will not stop there, however, as key provisions of the 21st Century Cures Act, passed in 2016, will be implemented this year. Specifically, a few of those key innovations include (1) making information sharing practices a priority across the industry, (2) creating a standardized foundation for security, and (3) implementing a nationwide infrastructure to make information sharing easier. Some hail these updates as freeing the health care industry from paper restraints. Although paper has not yet been “wrung … completely out of health care,” and it likely will not be for some time, the effect of the 21st Century Cures Act is to continue the shift towards a paperless health care system that heavily relies on nationwide digital databases.

There are many clear benefits that come from switching to an EHR system. The ability for one hospital to quickly share patient data with another hospital or another healthcare provider can be the difference between life and death. An EHR system allows doctors to more effectively diagnose patients, reduces overall costs, reduces redoing work already done, keep information up-to-date, and so on. It is a key plank in the current plan to lower overall health care costs in a country where those costs are rampant. However, it does not take much to see how things could go very wrong. It does not take much imagine to see how solely relying on such a system—eliminating the restraints of paper—could be incredibly dangerous in a world of criminal ransomware attacks and cyberwarfare.

Imagination is not even required to see how this might be an issue. It is happening in Ukraine and it has happened here at home. It is an issue that is at the forefront of Lisa Pino’s attention, the Director for the Office of Civil Rights at the HHS. In a recent blog, Pino describes how cyberattacks on hospitals have caused providers to cancel surgeries, radiology exams, and other services in 2021. She makes clear too that it’s not just EHR systems, but other electronic databases that are at risk. Pino recommends several measures to improve cybersecurity, such as maintaining encrypted, offline database backups, conducting regular vulnerability scans, and training employees to avoid common cyber threats, like phishing.

Despite the numerous problems that nationwide electronic databases may alleviate in health care, there is a great potential for new problems to arise. A world now exists with many new possibilities, but it is not without its own, new dangers. It is a world where a small group of criminals can bring vital infrastructure to a halt and where large government-backed groups can employ malware that completely expunges all data in a system. Just by flipping a switch, all that patient data—all of that sensitive and irreplaceable information—disappears. The potential for harm to the health care industry, and its many patients, is immense if proper steps and measures are not taken. Only time will tell how effective protective measures, such as those proposed by Pino, will be. Until then, backups, even in the form of paper, may be the safest option.


Works Cited:

Eight Individuals Defrauded Walter Reed of More Than $3 Million and Are Now Facing Federal Indictment

Sarah Powell, Class of 2023, Belmont Law.


Eight individuals have been charged by a federal grand jury with conspiracy to commit health care fraud, wire fraud, and other related charges resulting from fake medical coding contracts with Walter Reed Military Medical Center and the Defense Health Agency (DHA). Those charged in the indictment are Akbar Masood, 59; Michelle Peebles, 48; Harriet Jackson, 49; Judith Russ, 58; Rhonda Paul, 46; Wesley Williams, 47; Bagnon Jacques Titi, 44; and Alfred Antonio Duncan, 44.

Of those charged are the Chief Finance and Strategy Officer of “Company A,” a Virginia-based company that was a contractor for medical support services to both Walter Reed and DHA, and the President, Vice-President, and Chief Finance and Strategy Officer of “Company B,” another Virginia-based company that provided medical billing and coding services on government contracts. Additionally, former Walter Reed employee, Russ is facing a charge of violating federal employee ethics laws.

It is alleged that beginning in December 2016, Masood, Peebles, and Jackson established a Delaware limited liability corporation, HMA Solutions, to exploit Walter Reed’s need for contracted medical coders. According to the Maryland U.S. Attorney’s Office Release, Masood allegedly used his authority in Company A to subcontract medical coding contacts to HMA without disclosing to other officers in Company A his affiliation with HMA. The three then used the identities of actual medical coders to assert HMA had the ability to perform the job. The U.S. Attorney’s Office further states that Masood, Peebles, and Jackson used the stolen identities to forge signatures on consulting agreements and billable hours to submit to Company A, which then submitted the hours to Walter Reed to be paid for the falsified work. Russ, the former Walter Reed employee, is alleged to have verified the billable hours and was subsequently paid by Company B and did not disclose to Walter Reed officials of the outside income he was obtaining.

The U.S. Attorney’s Office Release further alleges that Masood, Peebles, and Jackson recruited Paul, Williams, Titi, and Duncan to join the scheme and pose as coders working for Company A, although none had any experience in medical coding. It is alleged that collectively Paul, Williams, Titi, and Duncan fraudulently billed Walter Reed over $1 million for their claims alone.

In total, it is alleged that through the fraudulent scheme, the group was able to be reimbursed for $3.3 million worth of work that was never performed from 2016 to 2019. If the defendants are found guilty, they could each face a maximum sentence of 20 years in federal prison for conspiracy to commit health care fraud and wire fraud according to the Maryland U.S. Attorney’s Office Release.



Works cited:

Dangerous Precedent: Criminal Mistake in the Nursing Industry

Will Brandt, Class of 2022, Belmont Law

For an industry that is understaffed and overworked, should tragic medical errors of nurses result in jail time? As of March 25th, in the Davidson County Criminal Court, that answer appears to be yes. Former nurse, RaDonda Vaught, was found guilty of criminally negligent homicide and abuse of an impaired adult by a jury.

Vaught, an employee of Vanderbilt University Medical Center needed to sedate a patient for an MRI. Charlene Murphey, age 75, was that patient. The drug that Vaught needed to retrieve for sedation was Versed, generic name Midazolam, which is a benzodiazepine used to help patients relax before minor medical procedures. In this case, the drug was intended to help the patient relax for a PET scan.

When Vaught attempted to retrieve versed at the medicine dispenser, she searched the list of drugs ordered for Charlene Murphey and typed “ve.” Versed did not come up because the machine was programmed to search for the generic name of the drug. Assuming that Versed had not yet been ordered for this patient, Vaught searched outside of what had been ordered for Murphey, and searched “ve” across “all” medications. Searching for medicine outside of what has been ordered for the patient has effectively been considered as overriding the system. Upon the search of “ve” across “all” medications, the medicine generator produced Vecuronium, which she selected. Unfortunately, Vecuronium is not a sedative, but a neuromuscular blocking agent, therefore causing paralysis. Although frequently used in small doses during anesthesia, the dose that Vaught gave to Murphey was fatal.

A hot point in the trial and the media, seems to be this point where Vaught effectively “overrode” the system to search for medications that had not been ordered to Murphey. Rational minds seem to disagree as there are nurses across the country that have followed this trial and support the sentiment of Vaught’s statement that, “Overriding was something we did as a part of our practice every day. You couldn’t get a bag of fluids for a patient without using an override function.” Many nurses see this prosecution as a dangerous precedent. They state that most nurses can think of a time when they made a mistake.

However, other nurses, like David Mancini have a different opinion: “So, I don’t care that she overrode the system, but, here, she violated her first right. She didn’t know the name of the medication she was administering. This is where the first mistake was made, and this is what set the whole situation into motion.”

Regardless of sentiment and public opinion, Vaught has been found guilty of negligent homicide under T.C.A. 39–13–212, which describes criminally negligent homicide as, “Criminally negligent conduct that results in death constitutes criminally negligent homicide.” Criminal negligence being defined in T.C.A. 39–11–106 as referring to: “A person who acts with criminal negligence with respect to the circumstances surrounding that person’s conduct or the result of that conduct when the person ought to be aware of a substantial and unjustifiable risk that the circumstances exist or the result will occur. The risk must be of such a nature and degree that the failure to perceive it constitutes a gross deviation from the standard of care that an ordinary person would exercise under all the circumstances as viewed from the accused person’s standpoint.”

Ultimately, the jury in the Davidson County Criminal Court found that Vaught grossly deviated from the standard of care that an ordinary nurse in her position would have used. Are the nurses correct in their assessment of dangerous precedent? Will medical professionals be weary of reporting mistakes, or is her conviction warranted?

Works cited

Modern Hurdles to Privacy: Necessary HIPAA Updates

Maddie Gilmore, Class of 2023, Belmont Law.

HIPAA (the Health Insurance Portability and Accountability Act of 1996) was first enacted more than twenty-five years ago. As such, the drafters of that legislation could not foresee the proliferation of new and emerging technologies that collect and process private health information of users which exists today. On February 9, 2022, legislators reached across party lines to come up with a solution to the non-regulation of this private data. HIPAA focused on privacy and preventing potential abuse of private health information of individuals, but only contemplated regulation as to health care providers and the like. What was not contemplated, or regulated, was digital health companies that collect health information directly from consumers.

Although the Department of Health and Human Services Office for Civil Rights (OCR) have attempted to address these companies using interpretive guidance, such guidance is non-binding on the industry. Furthermore, the regulation of digital health companies and data harboring apps is exceedingly difficult to regulate given the untraceability between the initial collection of any given dataset and its ultimate sale and use. Newly proposed bipartisan legislation called The Health Data Use and Privacy Commission Act, is intended to modernize HIPAA. Thus, Congress is attempting to address the problem head-on, by delegating the research and discovery process to individuals better suited than Congress themselves, the job of analyzing modern issues and possible modern solutions to health data privacy.

If passed, the Act would establish a Commission to assess any gaps in the privacy protections under HIPAA resulting from data collection and use by non-covered entities. However, the Act would not only have obvious ripple effects on the application of HIPPA, but other legislation as well, such as Section Five of the FTC Act which gives the Federal Trade Commission its current authority to regulate many direct-to-consumer digital health products that are not subject to HIPAA.

Under the current statutory framework, there are major risks to personal health information (PHI) created by new healthcare technology that extends beyond the scope of HIPAA given the onset of technologies like apps, wearable devices, and social media, and the increase in generating, collecting, using, sharing, and selling PHI. Such actors have generally been beyond the bounds of the Acts reach, creating a necessity to restructure the legislation to account for emerging health care technologies. The Health and Privacy commission formed under the Act, which would be made up of representatives with competing interests (such as providers, health plans, health technology developers, researchers, and consumers) would be charged with conducting research, creating reports, and submitting reform recommendations to Congress and the President.

Interestingly, the proposal may be based on state law, such as the California Consumer Privacy Act of 2018 (CCPA). The Act has been referred to the U.S. Senate Committee on Health, Education, Labor, and Pensions and it is still in its early stages of development. The Act is not only supported by a variety of industry healthcare representatives (such as the Association of Clinical Research Organizations), but also by both Democrat and Republican representatives alike, being bipartisan legislation. This agreement demonstrates the consensus that updates to HIPAA are necessary. Furthermore, the U.S. is now echoing international consensus on this emerging issue and is closely tied to the General Data Protection Regulation (GDPR) which is a European law. If the new Act can apply consistently with the GDPR, then American companies will no longer face two different standards depending on where their operations are taking place.

Works Cited: