The ability of OCR to enforce expansive portions of its controversial web tracking guidance has been severely limited. A federal district court ruled that the guidance exceeded the agency’s authority, and in particular...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance concerning compliance obligations for HIPAA covered entities and business associates using online tracking...more
Responding to incidents impacting consumer health and wellness technologies, including apps, will be more complex under proposed breach notice rules by the U.S. Federal Trade Commission (“FTC”). Businesses have until August...more
This week the U.S. Department of Health and Human Services, the agency responsible for HIPAA enforcement, announced the formation of three new divisions within the Office for Civil Rights (“OCR”). The new divisions –...more
Health companies cannot use online tracking technologies like other consumer organizations. This refrain, repeated frequently by regulators, litigants and the media in recent months, may now have found its clearest voice in...more
Covered Entities and Business Associates must comply with HIPAA in their use of online tracking technologies, including cookies, pixels or similar code. The U.S. Department of Health and Human Services (HHS), Office for Civil...more
12/8/2022
/ Business Associates ,
Compliance ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Guidance ,
OCR ,
PHI ,
Tracking Systems
The US Department of Health Human Services (HHS) is seeking public comments about the appropriate role of “recognized security practices” in enforcement of the HIPAA Security Rule. Congress, through an amendment to the HITECH...more
States continue to enact laws targeting the protection of genetic data with two important developments in California and Florida. California’s Genetic Information Privacy Act (“GIPA”), which came into effect on January 1,...more
There has been a significant development in the ongoing debate regarding the scope of the authority of the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) to issue penalties under the Health...more
HIPAA Privacy Rule changes that have the potential to significantly impact patients, covered entities, and business associates were proposed by the Department of Health and Human Services (HHS) in a Notice of Proposed...more
In a dramatic turn, the US Department of Health and Human Services (HHS) has announced that effective immediately, penalties for many HIPAA violations will be subject to substantially reduced limits. ...more
This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act.
The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences...more
10/8/2018
/ California Consumer Privacy Act (CCPA) ,
Clinical Trials ,
CMIA ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Exemptions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Life Sciences ,
Nonprofits ,
Personally Identifiable Information ,
Privacy Laws