On April 26, the Federal Trade Commission (FTC) approved its Final Rule revising the Health Breach Notification Rule (HBNR) (“Final Rule”) by a 3-2 vote. The HBNR requires vendors of personal health records (PHR) and related...more
6/5/2024
/ Breach Notification Rule ,
Data Breach ,
Enforcement ,
Federal Trade Commission (FTC) ,
Final Rules ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Health Technology ,
Healthcare ,
Penalties ,
PHI ,
Popular ,
Reporting Requirements ,
Rulemaking Process ,
Vendors
On March 18, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a Bulletin revising its December 1, 2022 Guidance concerning the HIPAA obligations of covered entities and...more
On February 1, 2023, the Federal Trade Commission (FTC) announced that it has taken enforcement action for the first time under its Health Breach Notification Rule (HBNR) against GoodRx Holdings Inc. (GoodRx), for allegedly...more
On December 1, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services provided guidance on the intersection of the Health Insurance Portability and Accountability Act (HIPAA) and the use of...more
On September 15, 2021, the Federal Trade Commission (“FTC”) issued a Policy Statement instructing health app and connected device companies to comply with the Health Breach Notification Rule (“the Rule”). The Rule, codified...more
11/2/2021
/ Breach Notification Rule ,
Data Breach ,
Electronic Devices ,
Federal Trade Commission (FTC) ,
Final Rules ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Mobile Apps ,
PHI ,
Popular ,
Security Breach
Over the last two months, the U.S. Department of Health and Human Services (“HHS”) published guidance regarding the enforcement of HIPAA and its privacy and security requirements in response to the COVID-19 public health...more
5/6/2020
/ Coronavirus/COVID-19 ,
Department of Health and Human Services (HHS) ,
Facebook ,
Good Faith ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
PHI ,
Public Health ,
Public Health Emergency ,
SAMHSA ,
Telehealth
On October 23, 2019, the Office for Civil Rights (OCR) at HHS announced the imposition of a $2,154,000 civil monetary penalty against a Florida hospital system (Hospital System) for alleged violations of the HIPAA Security...more
On October 15, 2018, the HHS Office of Civil Rights (OCR) announced a record $16 million settlement with Anthem, Inc., to settle allegations that Anthem violated certain HIPAA requirements prior to and following a 2015...more