Healthcare Document Retention
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 192: Business Issues for Healthcare with Ira Bedenbaugh and Randi Branham of Elliott Davis
Business Better Podcast Episode: Cyber Adviser – Your Data, My Headache: Consumer Health Data Laws
Conducting Healthcare Compliance Investigations
The FTC's Health Privacy Enforcement Actions
Web-based Tracking Technology and AI: HIPAA Compliance Issues for Health Care Practices
Podcast: Discussing the Implications of Healthcare Privacy Violations
Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
Podcast - Artificial Intelligence in Healthcare and How to Comply with HIPAA & State Privacy Laws
Meeting Cancer Reporting Requirements
Medical Device Legal News with Sam Bernstein: Episode 10
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
Patient Data and Privacy
Changing Telehealth Rules
De-Identification Under HIPAA and GDPR
Data Security Standards Audits
Compliance Programs and Doubt Mining
Employment Law Now VI-121 - Top 5 Fall Things You Need To Know
An Inside Look as a Juror - FCRA Focus Podcast
Expanded Information Block Rules Go into Effect
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
On June 20, a federal district court in Texas ruled that the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) exceeded its authority under the Health Insurance Portability and Accountability Act...more
The Federal Trade Commission (FTC) continues to enforce and update its Health Breach Notification Rule (HBNR) amidst a fast-changing regulatory environment. A new rule, which took effect this week, expands the scope of the...more
Over the course of the past few months, the Office of Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC), both of which are divisions of the U.S. Department of Health and...more
As our loyal Practical Privacy readers may remember, back in December of 2021, the Federal Trade Commission (the “FTC” or “Commission”) began a rulemaking process to update the Commission’s Health Breach Notification Rule...more
On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more
On February 8, 2024, the Department of Health and Human Services (HHS) posted a final rule that aims to align 42 CFR Part 2 (Part 2) — which protects certain substance abuse disorder (SUD) records — with the Health Insurance...more
The emergence of generative machine learning models, such as ChatGPT, has led to a surge in interest in artificial intelligence (“AI”) over the past year. This increased interest extends to the health care industry, where AI...more
As highlighted in the Data Security Incident Response Report, government entities such as universities, medical centers, public utilities and transportation services companies have become highly sought-after targets of cyber...more
Government regulators are seemingly as numerous as the stars nowadays, especially in the universe of data incidents. When organizations experience a data incident, they will need to quickly assess what happened, why it...more
Recent developments at the federal and state level demonstrate that regulators are focused on protecting consumer health data. Specifically, state and federal regulators want to close the gap between HIPAA-protected data and...more
To say there’s been a lot of new privacy law in the last decade is an understatement. For those of us who think we’ve “seen it all,” many of these new laws arrive and elicit a sense of challenge (for the optimists) or mild...more
Game Developer Dodges Loot Box Suit - In-app epi-games are not the same as slot machines, court says. Again with the Noises and Bright Lights - It’s been a while since we reported on defendant Supercell’s...more
INTRODUCTION - As more of our lives and work become digitized, an inherent overlap continues to grow between data privacy and cyber security programs. Think of two similarly sized circles: in the past, data privacy and cyber...more
Healthcare organizations collect and generate tremendous volumes of highly sensitive—and highly regulated—information about patients every day. A substantial portion of this data is personally identifiable information (PII)...more
Report on Patient Privacy Volume 23, no 1 (January 2023) The Centers for Medicare & Medicaid Services (CMS) said a data breach at a Medicare subcontractor impacted the personally identifiable information and protected...more
It’s been another interesting year in the world of legal technology, and we here at Hanzo have covered a variety of topics in 2022. For the next two weeks in December, we’ll highlight our top 20 ediscovery and compliance...more
On December 1, 2022, the Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS) issued a Bulletin on the obligations of covered entities and business associates (regulated entities) under the...more
Most companies operating websites and mobile apps use some form of tracking technologies on these digital properties. While these types of technologies have been used for some time and serve a variety of purposes, the use of...more
For years, patients and healthcare companies have been wrestling with privacy issues relating to cookies, pixels and other tracking technologies. The U.S. Department of Health and Human Services' (HHS) Office of Civil Rights...more
Report on Patient Privacy 22, no. 10 (October, 2022) - Thirty Democratic senators led by Sen. Patty Murray, D-Wash., have called on HHS to strengthen federal privacy protections under HIPAA to broadly restrict providers...more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
You’ve probably either played the game “Whac-a-Mole” yourself as a kid, or you watched your kid play it, at a Chuck E. Cheese or another similar arcade. It’s a simple game with five holes in which moles pop up and a soft...more
HIPAA requires covered entities and business associates to report to the Office for Civil Rights (OCR) all breaches of unsecured protected health information when the incident involves fewer than 500 individuals no later than...more
Once reserved for routine doctors’ appointments, collecting health-related data has exploded as consumers start to monitor their own health metrics—everything from sleep and fertility to mental health and COVID-19—and...more