Learning Objectives: - Understand the methods for de-identification - Learn about the differences between anonymization, de-identification, and pseudonymization - Understand what “potential for re-identification”...more
Healthcare providers running on thin margins or just seeking new (and in the case of tax-exempt providers, permissible) revenue sources may jump at the chance when third party vendors offer to help them monetize their patient...more
On October 6, 2021, California Governor Gavin Newsom signed into law the Genetic Information Privacy Act (GIPA). This follows Governor Newsom’s veto of an earlier version of the bill almost exactly one year ago. ...more
Although it received little notice, the CCPA was amended effective January 1, 2021 to clarify and modify the exemption relating to de-identified data, with particular focus on medical data. Specifically, AB 713 amended the...more
An amendment to the California Consumer Privacy Act (“CCPA”) was signed in September 2020. The CCPA regulates how large companies treat their customers’ personal information. However, the CCPA and healthcare information...more
Hospital and Health System Innovation Centers clear the path for healthcare advancement. And in an environment upended by COVID-19, there is no better time for investment in innovation and growth of collaborative partnerships...more
Report on Patient Privacy 20, no. 10 (October 2020) - September was quite the month for enforcement actions by the HHS Office for Civil Rights (OCR). The agency announced eight settlements totaling more than $10 million....more
Data license agreements have been a hot ticket item of the digital health market and are here to stay. With the exponential growth in licensed data, including de-identified patient data, data license agreement litigation and...more
For companies seeking to use, license, or otherwise commercialize health data, there are potential inconsistencies among the HIPAA de-identification standard, the CCPA definition of de-identified data, and GDPR requirements...more
In an era of decreasing reimbursement and rapidly expanding opportunities associated with “big data”, healthcare entities may be looking for ways to monetize protected health information (“PHI”) for their own, non-patient...more
Healthcare providers (Providers) rely on third party vendors for providing Electronic Health Record (EHR) software services. Due to the amount of protected health information Providers store in these software services, and...more
Notes from the Chair and Executive Editor - Welcome to 2016's first edition of SuperVision Today, the enewsletter from Spilman Thomas & Battle's Labor & Employment Group. Our clients in West Virginia certainly are...more
On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more
RESPONDING TO SUBPOENAS AND OTHER REQUESTS FOR PERSONAL HEALTH INFORMATION: TAKE THEM AT FACE VALUE - Healthcare providers and other HIPAA covered entities receive requests for protected health information (“PHI”) from...more
The increasing amounts of health information being generated, stored and collected have heightened the special risks medical device manufacturers have long faced. In addition to the nexus to patient health and safety, if a...more
For technology startups, maintaining strong security controls remains vital to winning new business opportunities and strengthening existing relationships. Despite the global spike in cybersecurity attacks (there were 42.8...more
Earlier this month, the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR) announced that it had entered into a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton,...more
Health Insurance Portability and Accountability Act of 1996 (HIPAA) covered entities have reported that the U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently sent pre-audit screening surveys...more
In this issue: - FTC Releases Final Amendments to Children's Online Privacy Protection Rule - Mobile Apps Face Heightened Privacy Enforcement - Policies and Practices Scrutinized - Global and European...more
The HITECH Act required the Secretary of Health and Human Services to publish a number of “Guidance” documents to inform the health care industry and its advisors about practical aspects of HIPAA compliance and HITECH...more