In response to increased cybersecurity threats and significant regulatory enforcement actions, on Dec. 27, 2024, the Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking seeking to enhance cybersecurity protections under the Security Rule implemented pursuant to the Health Insurance Portability and Accountability Act of 1996. While the proposed rule is

WindRose Health Investors has announced a strategic investment in CIVIE.

CIVIE, founded in 2018 and based in Plano, Texas, is an artificial intelligence-powered ecosystem of radiology solutions.

WindRose, founded in 2000 and based in New York, pursues equity investments in healthcare companies. The firm invests in a broad range of industry segments, including

insurance-disaster-social

Following the recent catastrophic wildfires that have affected California, businesses need assistance navigating the ins and outs of insurance coverage and the claims process and ultimately protecting their interests if litigation ensues. Whether it’s wildfires in California, hurricanes along the Atlantic and Gulf coasts, tornadoes in the Midwest, or infrastructure failures in major population centers,

On December 27, 2024, the United States Court of Appeals for the Second Circuit decided United States ex rel. Camburn v. Novartis Pharmaceuticals Corporation and joined a growing list of federal circuit courts that have adopted what the Second Circuit called the “at least one purpose rule”. This rule provides that defendants have violated the Anti-Kickback Statute (“AKS”), 42 U.S.C. §1320a-7b so long as at least one purpose of the alleged remuneration at issue (as opposed to the sole or main purpose) was to induce patient referrals, even if there were other, legitimate reasons for the payment. 

McGuireWoods partner and host Geoff Cockrell invites Government Investigations & White Collar Litigation partners Mindy Sauter and Mike Elliott to discuss compliance and regulatory challenges within private equity healthcare investments. As Mindy explains, private equity groups are sensitive to compliance issues because they bring in individual entities that tend to function in a siloed

Another flurry of court activity has further muddied the Corporate Transparency Act (CTA) waters, leaving additional uncertainty about its enforceability. 

You may recall that on December 26, 2024, the Fifth Circuit vacated its own order granting the Government’s motion to stay the district court’s preliminary injunction, leaving FinCEN unable to enforce the CTA and lifting any filing obligations.  FinCEN has acknowledged the stay and is accepting voluntary beneficial ownership reports.  Though the Fifth Circuit’s expedited briefing schedule provided Reporting Companies some sense of timing to analyze their reporting obligations (oral arguments are scheduled for late March), there is a possibility that Reporting Companies may have even less time than expected. 

On Jan. 7, 2025, the Department of Justice announced that R&K Enterprises agreed to pay over $2.6 million to resolve allegations under the False Claims Act, 31 U.S.C. §§ 3729-3733, among other causes. The settlement was predicated on allegations that the company represented it was a small business eligible for certain small business set-aside contracts

New Mountain Capital has announced it will acquire Machinify.

Machinify, founded in 2016 and based in Palo Alto, California, is a provider of artificial intelligence (AI)-powered software focused on healthcare claims and payments.

New Mountain, based in New York, is a growth-oriented investment firm. Founded in 1999, the firm manages private equity, credit and

The SEC public company cyber disclosure rule raises issues that companies should consider in reviewing existing insurance coverage and in assessing overall risk. 

The SEC recently adopted a new cybersecurity disclosure related rule (the “SEC Cyber Disclosure Rule”)[1] in response to increasing risks associated with cyber incidents and a perceived need for investors to receive more fulsome corporate disclosures about cybersecurity risks, governance, and material incidents.  In prior efforts to improve consistency and accuracy of public company cybersecurity risk disclosures, the SEC issued interpretive guidance explaining how cybersecurity risk and incidents should be communicated based on long-standing requirements to periodically—and as needed—disclose material information to shareholders.[2]  But in spite of this guidance, in the SEC’s view corporate disclosure practices remained inconsistent, under-disclosure persisted, and investors lacked consistent information by which they could evaluate public companies’ cybersecurity risk.  In July 2023, the SEC adopted the SEC Cyber Disclosure Rule, which mandated new disclosures among other things, and which became effective in December 2023.