HHS Office for Civil Rights Director Melanie Fontes Rainer on Progress and News at OCR
ERISA Blog | Changes to the HIPAA Privacy Rules A Primer for Self-Insured Group Health Plans
Podcast - Data Privacy and Tracking Technology Compliance
Patient Data and Privacy
2022 DSIR Deeper Dive: OCR’s Right of Access Initiative
HIPAA Tips With Williams Mullen - Telehealth After the Pandemic
Relaxed HIPAA Restrictions For Providers Using Telehealth
Webinar: Investigating and Resolving Sexual Assaults on Campus
In the first part of this blog post, we looked into the OCR and FTC’s focus on third-party tracking technologies. We also reviewed the AHA Lawsuit and its impact for the use of tracking technologies. In this blog post, we...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
On March 18, 2024, the Office for Civil Rights ("OCR") at the U.S. Department of Health and Human Services ("HHS") published updated guidance on the use of online tracking technologies by HIPAA covered entities and business...more
On March 18, 2024, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued revised guidance on the use of tracking technologies by HIPAA-covered entities and business associates....more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance concerning compliance obligations for HIPAA covered entities and business associates using online tracking...more
Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more
On July 20, 2023, the Department of Health and Human Services (DHHS) through the Office of Civil Rights (OCR) and the Federal Trade Commission (FTC) issued a joint letter to hospitals and telehealth providers alerting them to...more
The FTC and OCR at HHS are continuing to scrutinize the use of tracking technologies that may reveal information about a person’s health or health status. Both agencies recently sent a letter to a reported 130 hospitals and...more
On Thursday, July 20, 2023, the Federal Trade Commission and HHS Office for Civil Rights issued a rare joint press release announcing that approximately 130 hospital systems and telehealth providers received a letter alerting...more
A patient surfs a hospital system’s website and reads an article about depression and anxiety. The patient then searches the hospital’s website for mental health providers in the area. A few hours later, the patient logs into...more
The proliferation of health apps and connected devices that allow individuals to track their health conditions, treatment, medications, fitness, fertility, sleep, mental health, diet and other vital areas has led to increased...more
The use of tracking technologies on websites and mobile applications (e.g., cookies) has become largely ubiquitous in our technology-driven world. Health care providers and organizations, for example, may use tracking...more
The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued a Bulletin (Dec. 2022) outlining the obligations for HIPAA covered entities and businesses when deploying online tracking...more
Last month, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a bulletin with guidance concerning the use of online tracking technologies by covered entities and business associates...more
Recently, lawsuits have been filed against Duke and WakeMed regarding their use of Meta’s Meta Pixel tracking product and the alleged improper disclosure of patients’ protected health information (“PHI”). The U.S. Department...more
On December 1, 2022, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued a Bulletin to highlight the obligations of HIPAA-covered entities and business associates when using...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued guidance regarding covered entities’ and business associates’ use of tracking technologies (the Guidance). As discussed in greater detail...more
Report on Patient Privacy 22, no. 8 (August, 2022) - The Department of Justice (DOJ) seized around $500,000 in Bitcoin ransom paid by two health care organizations in Kansas and Colorado to North Korean ransomware actors...more
On June 24, 2022, the United States Supreme Court issued its decision in Dobbs v. Jackson Women's Health Organization,1 opening a legal path to state laws restricting or prohibiting access to certain reproductive health...more
In the wake of the U.S. Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, many individuals and organizations have expressed uncertainty about the protection afforded to data stored on health apps,...more
The US Supreme Court’s recent decision to overturn Roe v. Wade in Dobbs v. Jackson Women’s Health Organization has raised many questions about potential efforts by law enforcement agencies to obtain data from healthcare and...more
All players in the health and wellness ecosystem should be following developments around the American Data Privacy and Protection Act (ADPPA). If enacted, the ADPPA would be a watershed in the regulation of the privacy and...more
Data collected during the coronavirus pandemic shows a disturbing trend of inequities in testing and treatment for COVID-19 among people of color. On July 20, 2020 the Department of Health and Human Services’ (HHS) Office for...more
As millions have moved their professional and personal lives online, in-person contact during the COVID-19 pandemic has become a memory except for “essential” public services. To receive medical care or an education, be...more
In an era of decreasing reimbursement and rapidly expanding opportunities associated with “big data”, healthcare entities may be looking for ways to monetize protected health information (“PHI”) for their own, non-patient...more