The U.S. Department of Health and Human Services, Office of Civil Rights (OCR) recently updated its controversial, year-old guidance document on the use of online tracking technologies by healthcare providers and other...more
4/29/2024
/ American Hospital Association ,
Business Associates ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Hospitals ,
OCR ,
PHI ,
Regulatory Requirements ,
Technology ,
Tracking Systems ,
Web Tracking
Principal Liz Heddleston was recently interviewed by HCPro for a story published on April 8, 2024, discussing the rising threat of ransomware attacks for healthcare providers. The story highlights lessons learned from a...more
A healthcare organization’s online presence is an important component of its reputation. Occasionally, dissatisfied patients will post negative reviews about healthcare services on social media and customer review platforms...more
8/3/2023
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Internet ,
OCR ,
Online Commentary ,
Online Platforms ,
Online Reputation ,
Online Reviews ,
Websites
A patient surfs a hospital system’s website and reads an article about depression and anxiety. The patient then searches the hospital’s website for mental health providers in the area. A few hours later, the patient logs into...more
4/4/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Marketing ,
New Guidance ,
OCR ,
Personal Information ,
PHI ,
Privacy Laws ,
Technology Sector ,
Web Tracking
A strong cybersecurity program can help defend against cyber attacks and protect sensitive patient data. Thanks to a 2021 amendment of the HITECH Act, when a breach occurs, it can also reduce enforcement penalties. The...more
11/10/2022
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Act of 2015 ,
Data Breach ,
Data Security ,
Department of Health and Human Services (HHS) ,
Enforcement ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
NIST ,
OCR ,
Penalties ,
Policies and Procedures
Elizabeth Barry Heddleston Associate Now is a great time for healthcare providers to assess their compliance with HIPAA’s right of access requirements. Not only is this a hot area of enforcement, patients’ rights to access...more
2/22/2021
/ Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Health Care Providers ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Medical Records ,
OCR ,
Records Request ,
Right of Access ,
Risk Management