New Developments in Health Information Policy
New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Podcast - Data Privacy and Tracking Technology Compliance
Medical Device Legal News with Sam Bernstein: Episode 10
AI Risks in Healthcare
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
Healthcare Privacy Walkthroughs
Dobbs on Demand: Healthcare Privacy on the Line in a New Legal Setting
HIPAA Tips With Williams Mullen - Health Care Providers - Are You Ready for a Ransomware Attack?
Hybrid Workforces and Compliance with Sheila Limmroth
Privacy and Healthcare Business Associates with Isabella Porter
Podcast: Interoperability: The Provider Perspective - Diagnosing Health Care
HIPAA Tips With Williams Mullen - COVID Health Information and HIPAA – Do You Know the Rules?
Podcast–Interoperability: How Far We’ve Come and Where We’re Going - Diagnosing Health Care
State Law Privacy Video Series | Healthcare Entities and Health Data
Getting Personal—Wearable Devices, Data, and Compliance
AGG Talks: Technology - In the Balance: Interoperability and Security
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
Nick Culbertson on Compliance Breaches in Healthcare
Privacy Series: HIPAA Breaches - When It Is, and When It Is Not a Breach
New York lawmakers recently passed a wide-ranging health information privacy bill that would require entities to obtain consent to collect, use, or sell an individual’s health information except for designated purposes. ...more
Law enforcement officers often request or demand that Idaho hospitals draw blood or conduct other tests on patients for law enforcement purposes; nevertheless, the general rule remains that patients (including persons in...more
The first class action complaint was filed under Washington’s My Health My Data Act (“MHMDA”) on February 10, 2025, more than a year after the law’s passage. When the law passed in April 2023, MHMDA was novel for its broad...more
Just in time for setting a new year’s resolution, the New York Senate passed health privacy bill S-929. This bill was first introduced during the 2024 legislative session but failed to pass. Now in the early weeks of 2025,...more
On January 22, 2025, the New York State Assembly and Senate rapidly passed the wide-ranging New York Health Information Privacy Act (“NY HIPA”). If not vetoed by Governor Kathy Hochul, NY HIPA would be the fourth enacted...more
In a major development for all businesses handling health data, New York lawmakers passed a sweeping health data privacy bill Wednesday that could have far-ranging consequences across the country. S929, also known as the New...more
Although 2024 saw several states enact comprehensive privacy legislation, another year is nearly gone, and we still do not have a comprehensive federal privacy law to resolve the rapidly evolving patchworks of state laws....more
On April 11, 2024, the Federal Trade Commission announced that it has banned an alcohol addiction treatment firm from disclosing health data for advertising purposes in order to settle agency charges that the company shared...more
Are you responsible for privacy compliance at your company? Sharpen your pencils and grab your highlighters for this three-part series on critical privacy laws, DPOs and privacy officers (and when you should appoint one), and...more
The Federal Trade Commission (FTC) has assumed the authority to enforce unauthorized data disclosures under the Federal Trade Commission Act (FTC Act). During the past three weeks, the FTC has used this authority to go after...more
Nevada’s new consumer health data law—like Washington’s My Health My Data Act—implements strict—and separate—consent requirements for the collection and sharing of an individual’s health data, with few exceptions. March...more
On March 31, 2024, the Washington My Health My Data Act (MHMDA), a comprehensive consumer health privacy law, will come into force. Small businesses – defined as those processing consumer health data of fewer than 100,000...more
In just a few short weeks, a new front may emerge for biometrics litigation in the United States. On March 31, 2024, the My Health My Data Act (“MHMDA”) will go into effect in Washington for most entities that conduct...more
On February 8, 2024, the Department of Health and Human Services (HHS) posted a final rule that aims to align 42 CFR Part 2 (Part 2) — which protects certain substance abuse disorder (SUD) records — with the Health Insurance...more
This post is part of a series of articles we are doing on 2023 data protection litigation trends. Since its enactment in 2008, Illinois’s Biometric Information Privacy Act (BIPA) has produced a wave of privacy-related...more
On April 27, 2023, the Washington State governor signed into law the My Health My Data Act or the MHMDA. In spite of the onerous and at times confusing requirements of the MHMDA, the Washington Attorney General (AG) has only...more
On January 16, 2024, New Jersey Governor Phil Murphy signed into law the first comprehensive state privacy law of 2024 (SB 332). As states wait for federal privacy legislation to materialize, New Jersey's legislation becomes...more
For decades, medical providers and other covered entities have satisfied their health-data privacy obligations by complying with the federal Health Insurance Portability and Accountability Act (HIPAA) — but this is changing...more
In late April, Washington's governor signed the My Health My Data Act, or MHMD, into law. The law, which goes into effect next year, aims to regulate the vast amount of health-related data processing that takes place...more
The Health Information Portability and Accountability Act (“HIPAA”) has long been described as the floor for health care privacy laws and that states and regulators are free to enact more restrictive health care privacy laws....more
In an era of decreasing reimbursement and rapidly expanding opportunities associated with “big data”, healthcare entities may be looking for ways to monetize protected health information (“PHI”) for their own, non-patient...more
On December 19, 2019, the U.S. Department of Health and Human Services (HHS) and the U.S. Department of Education (DOE) provided new joint guidance on the release of certain student records. In summary, this HHS/DOE release...more