News & Analysis as of

Breach Notification Rule Health Insurance Portability and Accountability Act (HIPAA) Healthcare

Health Care Compliance Association (HCCA)

OCR: Rule Halts Disclosures Under ‘Presumption of Lawfulness,’ Shares Model Attestation Form

Attestations are at the heart of permissible disclosures under the HHS Office for Civil Rights’ (OCR) new reproductive health privacy rule—and OCR wants covered entities (CEs) and business associates (BA) to use them now. The...more

Quarles & Brady LLP

FTC Publishes Final Rule amending Health Breach Notification Rule

Quarles & Brady LLP on

The Federal Trade Commission (“FTC”) recently published its Final Rule amending the Health Breach Notification Rule (“HBNR”). The updated HBNR, which regulates entities that handle certain personal health information, other...more

ArentFox Schiff

Providers Face HIPAA Compliance Questions After Change Healthcare Cyberattack

ArentFox Schiff on

Who will notify the potentially millions of individuals whose information might have been jeopardized by the massive cyberattack on Change Healthcare? Since the affiliate of UnitedHealth Group (UHG) first reported the...more

Whiteford

Client Alert: What You Need to Know About the FTC’s Changes to the Health Breach Notification Rule and How to Comply

Whiteford on

The Federal Trade Commission (FTC) issued a final rule to amend its Health Breach Notification Rule (HBN Rule). The HBN Rule requires certain entities that handle unsecured personally identifiable health data to notify...more

King & Spalding

FTC Announces Final Rule Sweeping Consumer Digital Health Tech Under the Health Breach Notification Rule

King & Spalding on

On April 26, the Federal Trade Commission (FTC) approved its Final Rule revising the Health Breach Notification Rule (HBNR) (“Final Rule”) by a 3-2 vote. The HBNR requires vendors of personal health records (PHR) and related...more

McDermott Will & Emery

FTC Amends Health Breach Notification Rule to Regulate Health Apps and Expand Breach Notification Requirements

McDermott Will & Emery on

On April 26, 2024, the Federal Trade Commission (FTC) issued a final rule to amend its Health Breach Notification Rule (HBN Rule). The HBN Rule works as a complement and counterpart to the breach notification requirements...more

Spilman Thomas & Battle, PLLC

The Health Record - Healthcare Law Insights, Issue 1, May 2024

Welcome to our inaugural issue of The Health Record - our healthcare law insights e-newsletter! As such, we wanted to pull together our insights and pass them along to you. Our goal is to create a publication that is...more

Wyrick Robbins Yates & Ponton LLP

Don’t Call It a Breach Rule: FTC Health Breach Notification Rule Has Been Here for Years, Now Updated to Serve as a Backdoor...

As our loyal Practical Privacy readers may remember, back in December of 2021, the Federal Trade Commission (the “FTC” or “Commission”) began a rulemaking process to update the Commission’s Health Breach Notification Rule...more

Health Care Compliance Association (HCCA)

UHG’s Breach Response May Prove Enlightening for Others

Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more

Seyfarth Shaw LLP

Keeping with the Times - FTC Expands Scope of Health Breach Notification Rule, Even as HHS Announces Its Own HIPAA Update

Seyfarth Shaw LLP on

On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more

King & Spalding

FTC Finalizes Amendments to Health Breach Notification Rule Aimed at Clarifying its Application to Health Applications and Similar...

King & Spalding on

On April 26, 2024, the Federal Trade Commission (FTC) released a pre-publication version of its final changes to the Health Breach Notification Rule (HBNR) designed to clarify the scope of the HBNR, including its coverage of...more

Foley Hoag LLP - Security, Privacy and the...

FTC's Updated Health Data Breach Rule Covers Apps, Other New Tech

The FTC has updated its HBNR to clarify that the rule also restricts marketing practices involving personal health information. This update to the HBNR was announced on April 26, 2024, and follows several recent enforcement...more

Nelson Hardiman, LLP

Decades in the Making: 42 CFR Part 2’s Transformation After 50 Years

Nelson Hardiman, LLP on

It’s widely known but seldom said that many of the biggest challenges in our healthcare system stem from how its laws and regulations were written by many hands working decades apart. Inevitably, as revisions and overlapping...more

Nossaman LLP

Proposed Changes to the Health Breach Notification Rule

Nossaman LLP on

On May 18, 2023 the Federal Trade Commission (FTC) released a Notice for Proposed Rule Making (NPRM) for updates to the Health Breach Notification Rule, 16 C.F.R. Part 318 (the Rule). The Rule serves to ensure entities that...more

Epstein Becker & Green

FTC Highlights Risks to Data in a Post-Dobbs World

Epstein Becker & Green on

The 21st Century digital age has provided women with numerous sexual and reproductive health tools that track periods, ovulation, and pregnancy. By simply plugging certain health data inputs into these apps, women can now...more

Nelson Mullins Riley & Scarborough LLP

FTC Proposes to Vastly Expand the Health Breach Notification Rule

The Federal Trade Commission (FTC) recently proposed changes to the Health Breach Notification Rule (Rule), enacted in 2009, to clarify that the Rule applies directly to an estimated 170,000 health and wellness mobile...more

Sheppard Mullin Richter & Hampton LLP

FTC Looks to Update Health Breach Notification Rule, Targeting Digital Health Industry

The FTC recently proposed amendments to the Health Breach Notification Rule (HBNR). This is on trend with its aggressive interest over the last couple of years in health data not covered by HIPAA....more

Perkins Coie

FTC Claims Sharing User Health Data With Advertising Platforms Is a “Security Breach”

Perkins Coie on

For the first time, the Federal Trade Commission has brought an enforcement action under its 2009 Health Breach Notification Rule (HBNR). The case was brought against a digital health company, GoodRx Holdings, Inc., for...more

Orrick, Herrington & Sutcliffe LLP

FTC bans health vendor from sharing consumer info with advertiser

On February 1, the DOJ filed a complaint on behalf of the FTC against a telehealth and prescription drug discount provider for allegedly violating the FTC Act and the Health Breach Notification Rule by failing to notify...more

Robinson+Cole Data Privacy + Security Insider

Mobile Health Apps and the FTC’s Health Breach Notification Rule: New Enforcement Initiative Coming

Mobile health apps are growing in popularity and their number is increasing every year. Many of us find it convenient to use an app to schedule medical appointments, check medical records, track and store health data, and...more

Sheppard Mullin Richter & Hampton LLP

FTC Warns Digital Health Industry to Comply with its Breach Notification Rule

The use of apps, wearables, and other devices used to track health and wellness data have continued to rise. The FTC again signaled its focus on this growing industry in a statement on the scope of the Health Breach...more

Perkins Coie

California Issues New Regulations on Notification Obligations for Medical Information Breaches

Perkins Coie on

Certain California-licensed healthcare facilities are now subject to additional breach reporting obligations pursuant to regulations (Regulations)[1] issued by the California Department of Public Health (Department) on July...more

Orrick, Herrington & Sutcliffe LLP

Don’t Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called “Phase 2 Audits” are set to commence...more

Orrick, Herrington & Sutcliffe LLP

Don't Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more

Troutman Pepper

How to Avoid and Respond to a Cybersecurity Breach

Troutman Pepper on

In light of numerous recent data breaches, cybersecurity has emerged as an issue impacting organizations ranging from the local hardware store to the largest multi-national firms in the world. In short, no industry is immune...more

35 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide