Phillips & Cohen partner Colette Matzzie discusses the connection between a cybersecurity failure and the False Claims Act with the newsletter, Report on Medicare Compliance:
To connect the dots between a cybersecurity failure and the FCA, DOJ has to have evidence of a knowing violation, said attorney Colette Matzzie, with Phillips and Cohen in Washington, D.C.
“It wouldn’t have just been a breach,” she noted. “And whether it becomes a False Claims Act case depends on whether there’s federal funding behind it. Software manufacturers should assume if their software is being used to protect protected health information and the system is being paid in part by federal or state funds, the federal or state false claims acts will apply. It would be a straightforward application of a contractual or regulatory requirement. It happened to be a contract in this case but if regulations require cybersecurity technology, and there is federal or state money, that also could be enforced.”
Read the entire article in the newsletter Report on Medicare Compliance, “DOJ Again Deploys FCA in Cybersecurity Case; Florida Medicaid Contractor Was Hacked.”