April 18, 2016
In an important recent decision, the Sixth Circuit Court of Appeals confirmed that a qui tam relator’s claim that her former husband improperly accessed electronic protected health information (e-PHI) of her and her relatives in violation of the Health Information Technology for Economic and Clinical Health Act (HITECH Act or the Act) could not support an FCA violation. U.S. ex rel. Sheldon v. Kettering Health Network, 2016 WL 861399 (6th Cir. Mar. 7, 2016).

As a result, providers should take comfort in the Court’s conclusion that HITECH “does not impose a strict liability regime penalizing security that is not perfect” but instead mandates that providers “have reasonable and appropriate processes and procedures in place to prevent, detect, contain, and correct security violations” and generally that HITECH violations did not support FCA liability.

To view the full alert, click here.