On March 18, 2024, the US Department of Health and Human Services Office for Civil Rights (OCR) issued an update to its December 1, 2022, bulletin titled “Use of Online Tracking Technologies by HIPAA Covered Entities and...more
3/22/2024
/ Business Associates ,
Covered Entities ,
Department of Health and Human Services (HHS) ,
Enforcement ,
Enforcement Priorities ,
Guidance Update ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
OCR ,
PHI ,
Tracking Systems ,
Web Tracking ,
Websites
On September 15, 2021, the Federal Trade Commission (FTC) voted 3–2 along party lines (with Republican commissioners dissenting) to issue a policy statement announcing an expansive interpretation of the FTC’s Health Breach...more
9/21/2021
/ Breach Notification Rule ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Digital Health ,
Enforcement ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Mobile Health Apps ,
Personally Identifiable Information ,
PHI
Throughout the past year, the healthcare and life science industries experienced a proliferation of digital health innovation that challenged traditional notions of healthcare delivery and payment, as well as product...more
1/29/2020
/ Anti-Kickback Statute ,
Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Department of Justice (DOJ) ,
Digital Health ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Enforcement ,
Food and Drug Administration (FDA) ,
Fraud and Abuse ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Life Sciences ,
Regulatory Standards ,
Stark Law ,
Telemedicine
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more
7/30/2014
/ Audits ,
Best Management Practices ,
Business Associates ,
Chief Compliance Officers ,
Covered Entities ,
Cybersecurity ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Enforcement ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Hospitals ,
PHI ,
Popular
In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more
1/29/2014
/ Affordable Care Act ,
Compliance ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EHR ,
Enforcement ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Neiman Marcus ,
Personally Identifiable Information ,
PHI ,
Privacy Laws ,
Safe Harbors ,
Target
The compliance date for the omnibus final rule amending the privacy, security, breach notification and enforcement regulations under the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information...more
7/25/2013
/ Breach Notification Rule ,
Compliance ,
Data Breach ,
Data Protection ,
Deadlines ,
Enforcement ,
Final Rules ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Omnibus Rule ,
Privacy Policy
On January 25, 2013, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) published a final rule (Final Rule) containing modifications to the privacy standards (Privacy Rule), security...more
2/21/2013
/ Business Associates ,
Covered Entities ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Enforcement ,
GINA ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Notice Requirements ,
OCR ,
PHI ,
Privacy Rule