USA Law and Practice Contributed by: Nadia de la Houssaye, Allison Bell, Emily Degan Vorhoff and Keiana Palmer, Jones Walker LLP
• flexible guidance approaches that can adapt more quickly than formal rule-making; and • public-private collaborations to develop standards and best practices. Notable limitations include the following: • regulatory fragmentation across multiple agencies creates co-ordination challenges; • significant gaps in oversight of health data collected outside HIPAA-covered entities; • limited resources for enforcement relative to the rapidly expanding digital health sector; • difficulty in keeping pace with technological innovation, particularly in AI/ML applications; and • variation in state regulations, creating compli- ance complexities for national services. Proposed enhancements include: • expanded statutory authority to address health information collected by non-covered entities; • enhanced co-ordination mechanisms between federal and state regulators; • increased resources for technical expertise within regulatory agencies; • development of pre-competitive research col- laborations to establish validation methodolo - gies; and • harmonisation of state telehealth and licen- sure requirements. Several reform initiatives are under considera- tion, including: • federal privacy legislation that would provide comprehensive protection for health data, regardless of the collecting entity; • expanded FDA oversight frameworks for AI/ ML-enabled medical software;
• enhanced cybersecurity requirements for connected medical devices; and • permanent telehealth flexibilities beyond the current temporary provisions. The sufficiency of oversight varies significantly across digital healthcare domains. While tradi- tional medical devices have well-established regulatory pathways, newer technologies such as AI diagnostics and consumer health platforms operate in areas where regulatory frameworks are still evolving. Striking the appropriate bal- ance between enabling innovation and ensuring adequate protection remains an ongoing chal- lenge for regulators. 4. Liability 4.1 Legal Risks of Digital Healthcare Digital healthcare presents numerous legal risks and challenges across several domains. Non-compliance with regulations includes: • HIPAA/HITECH violations resulting from inadequate data security measures, improper disclosure of protected health information, or failure to conduct required risk assessments; • FDA regulatory violations related to market- ing unapproved medical devices or making claims exceeding authorised indications; • licensing infractions when telehealth services cross state lines without appropriate provider licensure; • corporate practice of medicine violations when technology companies improperly influ- ence clinical decision-making; and • reimbursement compliance issues, particu- larly as telehealth billing rules continue to evolve.
158 CHAMBERS.COM
Powered by FlippingBook