Artificial intelligence (AI) is rapidly reshaping the digital health sector, driving advances in patient engagement, diagnostics, and operational efficiency. However, for Privacy Officers, AI’s integration into digital health...more
5/9/2025
/ Artificial Intelligence ,
Bias ,
Compliance ,
Data Privacy ,
Data Security ,
Digital Health ,
Health Insurance Portability and Accountability Act (HIPAA) ,
PHI ,
Privacy Laws ,
Regulatory Requirements ,
Risk Management
The New York Health Information Privacy Act (NYHIPA), if enacted, could create a chilling effect on patient access and engagement to readily available digital health care services relied upon by New Yorkers. Digital health...more
1/24/2025
/ Compliance ,
Data Privacy ,
Digital Health ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Mental Health ,
New Legislation ,
New York ,
Patient Privacy Rights ,
Privacy Laws ,
Regulatory Requirements ,
State Privacy Laws
Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more
1/7/2025
/ Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Security Rule ,
Multi-Factor Authentication ,
NIST ,
Notice of Proposed Rulemaking (NOPR) ,
Policies and Procedures ,
Proposed Rules ,
Ransomware ,
Risk Management
The amendments to the HIPAA Privacy Rule designed to protect reproductive health care information (Amendments) are under legal challenge as the compliance date quickly approaches.
As discussed in more detail in our...more
12/20/2024
/ Administrative Procedure Act ,
Compliance ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Dobbs v. Jackson Women’s Health Organization ,
Enforcement ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
Medical Records ,
New Amendments ,
Privacy Laws ,
Reproductive Healthcare Issues ,
SCOTUS
Recognizing the increasing number of successful cyberattacks targeting health care organizations and their valuable patient data, the Office of the Inspector General (OIG) is calling for enhancements to the HIPAA audit...more
12/10/2024
/ Audits ,
Breach Notification Rule ,
Compliance ,
Cyber Attacks ,
Cybersecurity ,
Department of Justice (DOJ) ,
Enforcement ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
Noncompliance ,
OCR ,
OIG ,
PHI ,
Vulnerability Assessments
Artificial intelligence (AI) has the power to revolutionize health care. In oncology, there are now opportunities to apply AI to support diagnostics, predictive analytics, and administrative functions.
This hot topic was...more
9/26/2024
/ Analytics ,
Artificial Intelligence ,
Best Practices ,
Compliance ,
Contract Terms ,
Due Diligence ,
Governance Standards ,
Health Care Providers ,
Healthcare ,
Information Security ,
Insurance Industry ,
Machine Learning ,
Medical Devices ,
Policies and Procedures ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Oversight ,
Reimbursements
Data breach class actions are again on the rise, with a recent report by Lex Machina confirming what many cybersecurity practitioners have seen first-hand over the last two years. The findings also reaffirm longstanding best...more
7/23/2024
/ Class Action ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Investment ,
Multidistrict Litigation ,
Popular ,
Risk Assessment ,
Risk Management ,
SCOTUS ,
Supply Chain ,
TransUnion LLC v Ramirez
Share on Twitter Print Share by Email Share Back to top HIPAA regulated entities may now begin implementing the amendments to the HIPAA Privacy Rule to provide additional protections for reproductive health care information...more
Pixels, cookies, and trackers continue to be front of mind for HIPAA regulated entities seeking clarity on their ability to advertise, market, and engage with existing and prospective patients. On March 18, 2024, the U.S....more
3/21/2024
/ Cybersecurity ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Innovative Technology ,
Privacy Laws ,
Tracking Systems ,
Web Tracking ,
Websites
Substance Use Disorder (SUD) programs and HIPAA-regulated entities seeking to streamline their privacy and security practices and workflows received welcome news from the U.S. Department of Health & Human Services (HHS) last...more
2/13/2024
/ Applicability Date ,
Breach Notification Rule ,
CARES Act ,
Consent ,
Department of Health and Human Services (HHS) ,
Disclosure Requirements ,
Electronic Protected Health Information (ePHI) ,
Final Rules ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Notice of Proposed Rulemaking (NOPR) ,
Patient Rights ,
Penalties ,
PHI ,
Substance Abuse
Recognizing the evolving landscape of care delivery and growth of telehealth, the U.S. Department of Health and Human Services (HHS) published a resource guide aimed at assisting telehealth providers in explaining the privacy...more
If artificial intelligence (AI) is the vehicle that will revolutionize health care, data is the fuel that will propel the revolution. Health AI startups have recognized an unprecedented opportunity to create a transformative...more
9/15/2023
/ Artificial Intelligence ,
Change of Control ,
Collaboration ,
Contract Term ,
Data Protection ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Health Technology ,
Healthcare ,
Hospitals ,
License Renewals ,
Medical Devices ,
Pharmaceutical Industry ,
Pricing ,
Regulatory Requirements ,
Startups
Decentralized Clinical Trials (DCTs) are clinical trials where some or all trial-related activities occur at locations other than traditional clinical trial sites, such as via telemedicine or in a clinical trial participant’s...more
Florida health care providers and digital health technology platforms should be on alert that a newly passed law requires providers using certified electronic health record technology (CEHRT) to ensure that all patient...more
Medicare telehealth post-Public Health Emergency (PHE): With the COVID-19 PHE concluding on May 11, 2023, many of the telehealth flexibilities the Centers for Medicare & Medicaid Services (CMS) implemented during the PHE will...more
3/30/2023
/ Centers for Medicare & Medicaid Services (CMS) ,
Controlled Substances ,
DEA ,
Department of Health and Human Services (HHS) ,
Digital Health ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Medicare Administrative Contractors (MAC) ,
Opioid ,
PHI ,
Public Health Emergency ,
Substance Abuse ,
Telemedicine
Proposed changes to the federal substance use disorder law will increase provider efficiency and alignment with the Health Insurance Portability and Accountability Act (HIPAA). In a move that seeks to decrease administrative...more
Preparation for operations after the end of the Public Health Emergency (PHE) have commenced. HHS released guidance on using remote communication technologies for audio-only telehealth services in compliance with HIPAA. In...more
Preparation for operations after the end of the Public Health Emergency (PHE) have commenced. HHS released guidance on using remote communication technologies for audio-only telehealth services in compliance with HIPAA. In...more
True to its word, the Federal Trade Commission (FTC) has continued to focus on online privacy by targeting digital platforms that collect personal information. Most recently, the FTC has focused its enforcement authority on...more
The regulatory scrutiny on telemedicine and digital health companies continues to tighten, whether it is privacy warning shots, new direct-to-consumer (DTC) advertising limits, a wave of reimbursement audits, or multistate...more
10/11/2021
/ Apple ,
Audits ,
Data Collection ,
Data Retention ,
Department of Justice (DOJ) ,
Digital Health ,
Federal Trade Commission (FTC) ,
Investigations ,
Mobile Apps ,
Privacy Policy ,
Risk Assessment ,
Telemedicine
The Federal Trade Commission (FTC) just released a Policy Statement emphasizing how telemedicine and digital health apps can be held accountable under the Health Breach Notification Rule, even if the company is not subject to...more
What does the new Supreme Court text message ruling mean for your digital health business?
The Supreme Court ruled in favor of Facebook, holding that the Telephone Consumer Protection Act (TCPA) did not apply to Facebook...more
4/6/2021
/ ATDS ,
Auto-Dialed Calls ,
Facebook ,
Facebook Inc v Duguid ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Random or Sequential Number Generator ,
Robocalling ,
SCOTUS ,
TCPA ,
Telemedicine
Throughout the COVID-19 pandemic, federal agencies have sought to allow health care companies more flexibility to use popular technology and applications to better engage with their patients. One example is the Department of...more
Telemedicine and remote patient monitoring companies often want to maintain open communication channels with patients, whether it be scheduling, medication reminders, engagement pings, or even new product and service updates....more
3/8/2021
/ Class Action ,
Enforcement Actions ,
FCC ,
Federal Trade Commission (FTC) ,
Fines ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Notifications ,
Statutory Damages ,
TCPA ,
Telemedicine ,
Texting ,
Written Consent
The telemedicine and digital health industry has a new organization, the Telehealth Equity Coalition (TEC), which seeks expanded, meaningful access to health care. Launched in February 2021, the TEC works with nonprofit,...more