It may surprise many who have observed the recent media attention of data breaches to learn that in the world of Cybersecurity, sometimes it’s the oldest attacks that find new life when they are applied in new ways. Phishing attacks, a form of social engineering where hackers try to trick their victims into revealing confidential information by impersonating as something legitimate, has been around for years. Fictional movies more than 20 years old depicted forms of phishing that are still in use today: The 1983 movie “Wargames” portrayed the fictional teenage hacker David Lightman deeply researching the original developer of the WOPR supercomputer to determine his back-door password “Joshua.” Today, the same type of spear phishing attacks used the movie, those that are directed towards a specific target through in-depth research of the individual’s background, are on the rise. While fortunately few attacks are likely to threaten a global thermonuclear war, it can be difficult to recover a company’s stability or an individual’s identity for victims of these attacks. Continue reading this entry
After repeated public statements warning companies that might seek to stifle whistleblowers, the U.S. Securities and Exchange Commission (SEC) has brought its first enforcement action relating to language in confidentiality agreements that the SEC believes could impede whistleblowers from reporting potential violations of the securities laws. As discussed in more detail below, this action suggests that companies should re-examine their employment policies, severance agreements, codes of conduct, and any other practices utilizing language regarding confidentiality. Notably, the SEC views overly restrictive agreements as problematic, even without evidence that any whistleblower actually has been deterred from whistleblowing activity.
Continue reading this entry
The Supreme Court ruled, on March 31, in a 5-4 decision, that hospitals and all other providers cannot sue to force a state to pay higher Medicaid rates. The name of the case is Armstrong v. Exception Child Center. In Armstrong, the plaintiffs were a group of Idaho providers that furnish “habilitation services.” These are in-home care services, and the providers contended that but for the provision of such services, the Medicaid recipients would require care provided in a hospital or a nursing facility or intermediate care facility for the mentally retarded. Continue reading this entry
The Centers for Medicare & Medicaid Services (“CMS”) released the Stage 3 proposed rule to the Medicare and Medicaid Electronic Health Records Incentive Programs (“Proposed Rule”) on March 20, 2015. To provide context, eligible professionals (“EPs”) and hospitals must attest to demonstrating meaningful use of certified electronic health record (“EHR”) technology to qualify for incentive payments through the Medicare and Medicaid EHR Incentive Programs. Failure to demonstrate meaningful use generally results in negative payment adjustments under the Medicare program for EPs and hospitals, unless an EP or hospital qualifies for a hardship exception. The criteria used by CMS to determine meaningful use by providers has evolved over three stages of rulemaking. Continue reading this entry
The Senate adjourned around 3:30 a.m. Friday, March 27, 2015 without passing legislation to hold off a scheduled 21 percent cut in Medicare physician payment rates.
Senate leadership was unable to get all 100 senators to agree to fast track a House-passed bill that would halt the reimbursement cut and transition the Medicare physician payment system into one that values quality outcomes. Senate Majority Leader Mitch McConnell (R-KY) promised the chamber would take up the measure “very quickly” when it returns on April 13. Continue reading this entry