NIH Removes Advanced Permission for Conference Grant Applications

The National Institutes of Health (NIH) has removed the requirement for advanced permission for conference grant applications under activity codes R13 and U13. This change aims to reduce administrative burden for applicants, with modifications to the NIH Grants Policy Statement and relevant NOFOs forthcoming.

NIH Reminder: IRB Approval Certification Required Before Award

The National Institutes of Health (NIH) issued a notice reminding the extramural research community that certification of Institutional Review Board (IRB) approval is required before award for nonexempt human subjects research. Funds cannot be used for such research without this certification, which must be the date of final IRB approval, not pending or expired.

HRSA Lowers Out-of-Pocket Medication Costs at Health Centers

The Health Resources and Services Administration (HRSA) has issued updated award terms requiring HRSA-funded health centers to provide insulin and injectable epinephrine to low-income patients at or below the price paid by the center through the 340B Drug Pricing Program. This action aims to lower out-of-pocket costs for life-saving medications nationwide.

HRSA Health Centers Served Record 32.4 Million Patients in 2024

The Health Resources and Services Administration (HRSA) announced that HRSA-funded health centers served a record 32.4 million patients in 2024. The data highlights quality improvements and recognizes nearly 1,000 health centers with Community Health Quality Recognition badges.

HRSA 340B Rebate Model Pilot Program Application and Comment Period

The Health Resources and Services Administration (HRSA) has announced a voluntary 340B Rebate Model Pilot Program for 2026 drugs. HRSA is seeking public comment on the application process for manufacturers and the pilot program itself, with a 30-day comment period.

Comstar, LLC HIPAA Resolution Agreement and Corrective Action Plan

The US Department of Health and Human Services (HHS) has entered into a resolution agreement with Comstar, LLC, a business associate under HIPAA. Comstar will pay $75,000 and comply with a corrective action plan to resolve alleged violations of HIPAA's Privacy, Security, and Breach Notification Rules following a ransomware attack affecting 585,621 individuals.

HHS Settles HIPAA Breach Case with BST CPAs for $175,000

The U.S. Department of Health and Human Services (HHS) has settled a HIPAA breach case with BST & Co. CPAs, LLP for $175,000. The settlement resolves allegations that BST failed to conduct a risk analysis following a ransomware attack that impacted the protected health information of 170,000 individuals.

Deer Oaks HIPAA Resolution Agreement and Corrective Action Plan

The US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has entered into a Resolution Agreement and Corrective Action Plan with Deer Oaks, a covered entity under HIPAA. The agreement resolves allegations of impermissible disclosure of protected health information (PHI) and a subsequent data breach, requiring Deer Oaks to pay a resolution amount and implement corrective actions.

HHS - Syracuse ASC Pays $250,000 for HIPAA Violations

The U.S. Department of Health and Human Services (HHS) has reached a resolution agreement with Syracuse ASC, L.L.C. for violations of HIPAA Rules. Syracuse ASC will pay $250,000 and comply with a Corrective Action Plan to address failures in risk analysis and timely breach notifications.

MMG Fusion Settles HIPAA Violations for $10,000

The US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has reached a resolution agreement with MMG Fusion, LLC, a business associate handling protected health information (PHI). MMG Fusion will pay $10,000 to settle alleged violations of HIPAA's Privacy, Security, and Breach Notification Rules following a data breach that exposed patient information.