Pittsburg, PA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
One PPG Place, Suite 1500
Pittsburgh, PA 15222
(412) 566-1212
(412) 594-5619
Directions to Pittsburgh

Harrisburg, PA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
300 Corporate Center Drive, Suite 200
Camp Hill, PA 17011
(717) 234-4121
(717) 232-6802
Directions to Harrisburg

New York, NY

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
250 Park Avenue, Suite 1508, 7th Floor
New York, NY 10171
(212) 739-7910
(212) 739-9607
Directions to New York

Foster City, CA

Tucker Arensberg, P.C.
Tucker Arensberg, P.C.
1098 Foster City Boulevard, Suite 106 #700
Foster City, California 94404
(650)208-2701
Directions to Foster City

Widget Title

  • People
  • Practice Areas
  • News + Insights
    • News
    • Articles
    • Speaking
  • Office Locations
    • Pittsburgh
    • Harrisburg
    • New York
    • Foster City
  • About the Firm
    • Overview
    • Careers
    • Diversity
    • Women@Tucker
    • Affiliations
    • Pro Bono & Community

Title

  • Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar

Tucker Arensberg, P.C.Tucker Arensberg, P.C.

Attorneys in Pittsburgh, Harrisburg, New York City

  • People
  • Practice Areas
  • News + Insights
  • About Our Firm
  • COVID 19: Answers to Business Challenges
ShareBookmarkPDF

Cybersecurity AKS Safe Harbor and Stark Exception

Privacy, Technology and Data Security December 3, 2020

Michael A. Cassidy
Tucker Arensberg, P.C.
December 2, 2020

EHR Safe Harbor Permanent

The existing electronic health records items and services Safe Harbor in 42 CFR Section 1001.952(y) was amended by deleting the sunset provision, thereby making the protection permanent.

Cybersecurity Technology and Services

A new Safe Harbor for cybersecurity and technology services is added in 42 CFR Section 1001.952(jj) to facilitate improved cybersecurity.  The announcement states the healthcare sector is one of the most targeted industry sectors and that data breaches may have cost U.S. hospitals $6.2 billion in 2015 and 2016 – although these regulations will not be effective until 2021!

The new Safe Harbor provides that “remuneration” will not include non-monetary remuneration consisting of cybersecurity technology and services “necessary and used predominantly to implement, maintain or reestablish effective cybersecurity” if:

  1. The donor does not take into account the value or volume of referrals or other business in determining eligibility and is not conditioned upon future referrals.
  2. The recipient does not make the donation a condition of doing business with the donor.
  3. A general description of the donation and the recipient’s contribution, if any, is set forth in writing and signed by the parties.
  4. The donor does not shift the costs of the donation to a federal healthcare program.

Cybersecurity is defined as the process of protecting information by preventing, detecting and responding to cyberattacks.

Technology is defined as software or other types of information technology(?)

The Stark Exceptions definitions have been amended to add “cybersecurity technology and related services” in 42 CFR Section 411.351(bb) as an exception to prohibited compensation arrangements, but retains the requirement that physicians bear 15% of the costs.

Primary Sidebar

Cybersecurity AKS Safe Harbor and Stark Exception

Related

People

  • Michael A. Cassidy

Practice Areas

  • Privacy, Data Security & Technology
© 2022 All Rights Reserved|Tucker Arensberg, P.C.|Log in|Powered by Content Pilot
  • Sitemap
  • Disclaimer
  • Privacy Policy