New Developments in Health Information Policy
New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Podcast - Data Privacy and Tracking Technology Compliance
Medical Device Legal News with Sam Bernstein: Episode 10
AI Risks in Healthcare
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
Healthcare Privacy Walkthroughs
Dobbs on Demand: Healthcare Privacy on the Line in a New Legal Setting
HIPAA Tips With Williams Mullen - Health Care Providers - Are You Ready for a Ransomware Attack?
Hybrid Workforces and Compliance with Sheila Limmroth
Privacy and Healthcare Business Associates with Isabella Porter
Podcast: Interoperability: The Provider Perspective - Diagnosing Health Care
HIPAA Tips With Williams Mullen - COVID Health Information and HIPAA – Do You Know the Rules?
Podcast–Interoperability: How Far We’ve Come and Where We’re Going - Diagnosing Health Care
State Law Privacy Video Series | Healthcare Entities and Health Data
Getting Personal—Wearable Devices, Data, and Compliance
AGG Talks: Technology - In the Balance: Interoperability and Security
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
Nick Culbertson on Compliance Breaches in Healthcare
Privacy Series: HIPAA Breaches - When It Is, and When It Is Not a Breach
Health Insurance Portability and Accountability Act (HIPAA)-covered entities and business associates should be familiar with restrictions on the use or disclosure of protected health information (PHI) under HIPAA rules....more
The HIPAA Privacy and Security Rules require covered entities (including healthcare providers and health plans) and their business associates to protect patient information stored or transmitted electronically, including...more
Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more
For the first time in 11 years, the US Department of Health and Human Services (HHS) has proposed updating the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The Proposed Rule, to...more
In addition to holiday celebrations, the month of December typically ushers in a final round of enforcement actions by the U.S. Department of Health and Human Services' (HHS) Office of Civil Rights (OCR), and 2024 is no...more
HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more
In the first part of this blog post, we looked into the OCR and FTC’s focus on third-party tracking technologies. We also reviewed the AHA Lawsuit and its impact for the use of tracking technologies. In this blog post, we...more
On October 23-24, 2024, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST) Information Technology Laboratory hosted the Safeguarding...more
Americans hear about cybersecurity incidents on a frequent basis. As the adage goes, it is not a matter of “if” a breach or security hack occurs; it is a matter of “when.”...more
A business associate agreement (BAA) is a written contract between a covered entity (CE) and a business associate (BA) that—among other requirements—(1) establishes the permitted and required uses and disclosures of protected...more
Effective December 23, 2024, HIPAA-covered entities and their business associates will be required to comply with new restrictions on how protected health information may be used and disclosed for certain purposes relating to...more
On April 22, 2024, the U.S. Department of Health and Human Services (“HHS”) issued new regulations under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) that impose new restrictions on the use and...more
For most healthcare providers and businesses, signing a Business Associate Agreement (BAA) is a standard practice. When contracting to provide services with an entity governed by the Health Insurance Portability and...more
It has now become commonplace for Plaintiffs’ attorneys to bring claims alleging that routine marketing techniques, including the deployment of behavioral advertising cookies and pixels, constitute wiretaps in violation of...more
On April 26, 2024, the U.S. Department of Health and Human Services (HHS) published the Reproductive Health Care Rule. This final rule enhances the HIPAA privacy protections for protected health information (PHI) relating to...more
On April 26, 2024, the U.S. Department of Health and Human Services (HHS) and Office for Civil Rights (OCR) published Final Regulations under HIPAA’s Privacy Rule introducing greater protections for information related to...more
The popularity of Artificial Intelligence (AI), particularly OpenAI's ChatGPT, has rapidly increased since its release in November 2022. In healthcare, Generative AI (GAI) tools like ChatGPT can revolutionize workflows by...more
On June 20, 2024, a Texas federal judge ruled that guidance published by the Department of Health and Human Services (the Department) prohibiting covered entities from disclosing information collected by third-party...more
On June 20, 2024, the Northern District of Texas issued its final order in American Hospital Association, et al. v. Becerra, et al. (AHA), granting the plaintiffs’ (the American Hospital Association, two Texas health systems...more
Last week, a federal district court in Texas issued a decision declaring unlawful and vacating a central component of a guidance document (the Bulletin) from the Department of Health and Human Services (HHS) Office for Civil...more
A recent federal court decision is a victory for Health Insurance Portability and Accountability Act (HIPAA) covered entities using third-party tracking tools on unauthenticated webpages. These are websites available to the...more
On June 20, 2024, a federal court vacated key portions of regulatory guidance on the treatment of information collected by online tracking tools. At issue was the U.S. Department of Health and Human Services Office for Civil...more
On April 26, 2024, almost a year after issuing a notice of proposed rulemaking to modify the Privacy Rule, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) finalized the HIPAA Privacy Rule to...more