As we reflect on the flurry of activity in the health care data privacy and security space in 2023 and look ahead to what will continue to be a busy 2024, we are seeing the early stages of federal agency movement to align the...more
1/26/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Security ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Healthcare ,
HIPAA Privacy Rule ,
Information Blocking Rules ,
Mental Health ,
Notice of Proposed Rulemaking (NOPR) ,
OCR ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Reproductive Healthcare Issues ,
Request For Information ,
SAMHSA ,
Substance Abuse ,
Transparency
Covered entities, business associates, and any entities that collect health information about consumers online should carefully review the latest joint letter from the Office for Civil Rights (OCR) and the Federal Trade...more
7/25/2023
/ Cybersecurity ,
Data Collection ,
Data Privacy ,
Federal Trade Commission (FTC) ,
FTC Act ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
PHI ,
Third-Party ,
Tracking Systems
Washington greatly expanded the protection for consumers’ identifiable health information by enacting the “My Health My Data Act” (MHMDA), in an effort to close the gap between HIPAA protections and the laws protecting the...more
In April, 2020, in an effort to facilitate a national pivot to telehealth in light of the COVID-19 Public Health Emergency (PHE), the U.S. Department of Health & Human Services Office for Civil Rights (OCR) announced a policy...more
5/2/2023
/ Business Associates Agreement (BAA) ,
Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Due Diligence ,
Enforcement ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Public Health Emergency ,
Security Risk Assessments ,
Subcontractors ,
Vendors
As illustrated by a recent Office for Civil Rights (OCR) settlement with a dental practice, health care entities continue to struggle with how to respond to negative online reviews while maintaining compliance with the HIPAA...more
Covered Entities and Business Associates should promptly and carefully review their use of online tracking technologies on their websites and mobile apps following a bulletin (Bulletin) published by the U.S. Department of...more
12/8/2022
/ Class Action ,
Compliance ,
Data Collection ,
Dobbs v. Jackson Women’s Health Organization ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Mobile Apps ,
OCR ,
PHI ,
Reproductive Healthcare Issues ,
Risk Assessment ,
Websites