New Developments in Health Information Policy
New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Podcast - Data Privacy and Tracking Technology Compliance
Medical Device Legal News with Sam Bernstein: Episode 10
AI Risks in Healthcare
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
Healthcare Privacy Walkthroughs
Dobbs on Demand: Healthcare Privacy on the Line in a New Legal Setting
HIPAA Tips With Williams Mullen - Health Care Providers - Are You Ready for a Ransomware Attack?
Hybrid Workforces and Compliance with Sheila Limmroth
Privacy and Healthcare Business Associates with Isabella Porter
Podcast: Interoperability: The Provider Perspective - Diagnosing Health Care
HIPAA Tips With Williams Mullen - COVID Health Information and HIPAA – Do You Know the Rules?
Podcast–Interoperability: How Far We’ve Come and Where We’re Going - Diagnosing Health Care
State Law Privacy Video Series | Healthcare Entities and Health Data
Getting Personal—Wearable Devices, Data, and Compliance
AGG Talks: Technology - In the Balance: Interoperability and Security
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
Nick Culbertson on Compliance Breaches in Healthcare
Privacy Series: HIPAA Breaches - When It Is, and When It Is Not a Breach
It’s not immediately obvious why someone would want to disclose a health care test result as part of a job application. But one such request spurred a Pennsylvania entity to provide a lot more than that: it sent her whole...more
We bring you Vital Signs, a curated, one-stop resource on the most notable digital health law updates from our U.S. and global contributors. In Industry Insights, we present a timely discussion about increasing litigation and...more
Attestations are at the heart of permissible disclosures under the HHS Office for Civil Rights’ (OCR) new reproductive health privacy rule—and OCR wants covered entities (CEs) and business associates (BA) to use them now. The...more
The Federal Trade Commission ("FTC") intends to "strengthen and modernize" the Health Breach Notification Rule with revamped and increased scrutiny on entities holding health information, including health apps, websites, and...more
The Federal Trade Commission (“FTC”) recently published its Final Rule amending the Health Breach Notification Rule (“HBNR”). The updated HBNR, which regulates entities that handle certain personal health information, other...more
Who will notify the potentially millions of individuals whose information might have been jeopardized by the massive cyberattack on Change Healthcare? Since the affiliate of UnitedHealth Group (UHG) first reported the...more
On April 26, the Federal Trade Commission (FTC) approved its Final Rule revising the Health Breach Notification Rule (HBNR) (“Final Rule”) by a 3-2 vote. The HBNR requires vendors of personal health records (PHR) and related...more
On April 26, 2024, the Federal Trade Commission (FTC) issued a final rule to amend its Health Breach Notification Rule (HBN Rule). The HBN Rule works as a complement and counterpart to the breach notification requirements...more
As our loyal Practical Privacy readers may remember, back in December of 2021, the Federal Trade Commission (the “FTC” or “Commission”) began a rulemaking process to update the Commission’s Health Breach Notification Rule...more
On April 26, the Federal Trade Commission announced its final rule updating the health breach notification rule. According to the FTC, the update seeks to “clarify” the scope of the rule by adding new definitions and revising...more
On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more
The FTC has updated its HBNR to clarify that the rule also restricts marketing practices involving personal health information. This update to the HBNR was announced on April 26, 2024, and follows several recent enforcement...more
On May 18, 2023 the Federal Trade Commission (FTC) released a Notice for Proposed Rule Making (NPRM) for updates to the Health Breach Notification Rule, 16 C.F.R. Part 318 (the Rule). The Rule serves to ensure entities that...more
The 21st Century digital age has provided women with numerous sexual and reproductive health tools that track periods, ovulation, and pregnancy. By simply plugging certain health data inputs into these apps, women can now...more
The Federal Trade Commission (FTC) recently proposed changes to the Health Breach Notification Rule (Rule), enacted in 2009, to clarify that the Rule applies directly to an estimated 170,000 health and wellness mobile...more
The Federal Trade Commission earlier this month undertook an enforcement action against online pharmacy and telehealth provider GoodRx, in the latest example of the agency seriously pursuing its role as the nation’s de facto...more
Mobile health apps are growing in popularity and their number is increasing every year. Many of us find it convenient to use an app to schedule medical appointments, check medical records, track and store health data, and...more
Last week’s news that the Federal Trade Commission is taking steps to begin rulemaking on consumer privacy and artificial intelligence drew plenty of attention from privacy professionals, and suggests 2022 could be an...more
The use of apps, wearables, and other devices used to track health and wellness data have continued to rise. The FTC again signaled its focus on this growing industry in a statement on the scope of the Health Breach...more
Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more
On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more
On Sept. 18, 2014, California’s governor approved Assembly Bill 1755, extending California’s stringent breach notification deadline for medical information breaches from five business days to 15 business days for clinics,...more
Adult and Pediatric Dermatology (A&P Dermatology) of Concord, Massachusetts has entered into a resolution agreement with the Department of Health and Human Services (HHS) to settle potential violations of the Health Insurance...more
Hospitals and health care providers must often look to third party vendors offering cloud computing solutions, but are these companies well-prepared to meet the HIPPA/HITECH Act privacy and security requirements as well as...more