HITRUST Says Healthcare’s Anti-Kickback Laws Should Have an Exemption for Cybersecurity Software and Services

February 20, 2017
627 Views

In a letter this week, HITRUST asked the Senate HELP Chairman Lamar Alexander to consider an exemption to the Stark Law for the donation or subsidization of security software.

HITRUST asserted that healthcare entities, particularly doctors’ offices, are often poorly prepared to defend themselves from hackers. But if they could receive help from larger hospital systems, that could change.

“Small, ill-equipped practices are vulnerable to security breaches, which can ultimately infiltrate the larger healthcare environment through the exchange of patient data,” wrote Dan Nutkis, chief executive of HITRUST. “Again, we need to empower physician practices to actively manage their security posture, not hinder them.”

It should be noted, however, that such help, in the form of software or other technology and management help, could be misinterpreted as a kickback under the Stark Law, which aims to prevent referrals between doctors who have a business relationship.

The Stark Law governs physician self-referral for Medicare and Medicaid patients and serves as a stringent barrier against fraud and abuse amongst healthcare providers.

View the HITRUST Stark Exception Congressional Letter

Share this with your friends...Share on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone

You may be interested

Improving Cloud Security with a Shared Responsibility Model
CISO Corner
shares617 views
CISO Corner
shares617 views

Improving Cloud Security with a Shared Responsibility Model

Sierra Reed - Jan 07, 2019

HITRUST streamlines the process to determine who’s responsible for what security controls among your service providers By Hector Rodriguez, Worldwide…

From Providers to Patients: Time to Protect the Entire Healthcare Supply Chain
Leadership
shares545 views
Leadership
shares545 views

From Providers to Patients: Time to Protect the Entire Healthcare Supply Chain

Lacy Deatrich - Dec 18, 2018

Written by Taylor Lehmann, Chief Information Security Officer, Wellforce The patient-care ecosystem is a complex mix of healthcare providers, payers…

New National Risk Management Center to Help Combat Cybersecurity
Security
shares2969 views
Security
shares2969 views

New National Risk Management Center to Help Combat Cybersecurity

Lacy Deatrich - Aug 24, 2018

Details forthcoming in new Department of Homeland Security initiative Written by Carl Anderson, Chief Legal Officer & Senior Vice President…