New Developments in Health Information Policy
New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Podcast - Data Privacy and Tracking Technology Compliance
Medical Device Legal News with Sam Bernstein: Episode 10
AI Risks in Healthcare
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
Healthcare Privacy Walkthroughs
Dobbs on Demand: Healthcare Privacy on the Line in a New Legal Setting
HIPAA Tips With Williams Mullen - Health Care Providers - Are You Ready for a Ransomware Attack?
Hybrid Workforces and Compliance with Sheila Limmroth
Privacy and Healthcare Business Associates with Isabella Porter
Podcast: Interoperability: The Provider Perspective - Diagnosing Health Care
HIPAA Tips With Williams Mullen - COVID Health Information and HIPAA – Do You Know the Rules?
Podcast–Interoperability: How Far We’ve Come and Where We’re Going - Diagnosing Health Care
State Law Privacy Video Series | Healthcare Entities and Health Data
Getting Personal—Wearable Devices, Data, and Compliance
AGG Talks: Technology - In the Balance: Interoperability and Security
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
Nick Culbertson on Compliance Breaches in Healthcare
Privacy Series: HIPAA Breaches - When It Is, and When It Is Not a Breach
White-collar crimes present investigators with intricate challenges that require precision, expertise, and advanced technology. In today’s high-profile investigations, the stakes couldn’t be higher, with reputations,...more
On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more
As we settle into spooky season, let’s take a minute to consider a recent development in health care privacy as we ask ourselves, is this a trick or a treat?...more
While all companies must take measures to safeguard the privacy and integrity of their electronic data, covered entities and their business associates subject to the Health Insurance Portability and Accountability Act of...more
We’ve talked before about the FTC’s focus on consumer health privacy. In cases against BetterHelp and GoodRx, a blog post announcing rules it intends to enforce in the space, and a report summarizing its recent privacy and...more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and Substance Abuse and Mental Health Services Administration (SAMHSA) released its anticipated Final Rule last week. The Final Rule revises...more
As more and more states consider consumer privacy laws, the first-of-its kind My Health My Data Act (the Act) could be a harbinger of health and wellness compliance requirements to come. The ramifications of Washington...more
On January 1, California's Assembly Bill No. 352 (AB 352) went into effect, introducing significant changes to the handling and sharing of sensitive health information — particularly information related to reproductive health...more
The European Medicines Agency (EMA) published Version 1.1 of its “Guidance on how to approach the safeguarding of personal protected data (“PPD”) and commercially confidential information (“CCI”) while using the Clinical...more
To say there’s been a lot of new privacy law in the last decade is an understatement. For those of us who think we’ve “seen it all,” many of these new laws arrive and elicit a sense of challenge (for the optimists) or mild...more
New York Attorney General Letitia James announced on March 27, 2023 that she had levied a fine against law firm Heidell, Pittoni, Murphy & Bach LLP for failing to secure personal and health information of clients exposing the...more
Following its February settlement with GoodRx, the Federal Trade Commission (FTC) has fired another shot across the bow in its ongoing campaign to protect consumers’ digital health information. Earlier this month the FTC...more
The privacy landscape in the United States and much of the world is quickly evolving around the framework of the General Data Protection Regulation (GDPR) within the European Economic Alliance (EEA). Clinical trials involve...more
The Federal Trade Commission (FTC) announced on February 1, 2023 that it has settled, for $1.5M, its first enforcement action under its Health Breach Notification Rule against GoodRx Holdings, Inc., a telehealth and...more
The continued proliferation of tracking technologies has created a landscape of increased exposure for entities serving individuals online. As individuals are increasingly interacting with healthcare services providers...more
Earlier this week, our Fox partner Odia Kagan spoke on HIMSS TV about the risks associated with what may be a “blind spot” in your data privacy compliance efforts: the use of data trackers (such as cookies, tracking pixels,...more
AMA Provides a No Surprises Tool-Kit - As most health care providers know by now, the No Surprises Act (NSA) prohibits out-of-network health care providers from balance billing commercially insured patients, in certain...more
Modern society is awash in data, in a wide range of formats and types. While every industry faces challenges in how to efficiently store and process data, the healthcare industry faces particular challenges with the...more
Under federal law, much of the health data recorded from wearable devices, health care applications, and health IoT devices is beyond the reach of the Health Insurance Portability and Accountability Act (HIPAA), which...more
On December 3, 2021, Québec’s Minister of Health and Social Services introduced Bill 19, An Act respecting health and social services and amending various legislative provisions (“Bill 19”). The bill’s four objectives are (i)...more
Blackbaud Breach - In the early months of 2020, cybercriminals orchestrated a ransomware attack on Blackbaud Inc., a cloud software company headquartered in Charleston, South Carolina that provides data collection and...more
Renown Health, P.C. (Renown), a non-profit health system in Nevada, settled with the U.S. Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services in a matter resulting from an enforcement action for...more
The Office for Civil Rights (OCR) issued a press release on November 12, 2020, announcing that it had settled its eleventh enforcement action in its HIPAA Right-of-Access Initiative. The settlement with Dr. Rajendra Bhayani,...more
Regulatory bodies are upping the ante when it comes to settling with companies that have suffered data breaches. In addition to the below settlements, see also the settlement between the OCR and Dignity Health....more
Recently we wrote about two amendments to the California Consumer Privacy Act of 2018 (CCPA) that were awaiting signature on Governor Newsom’s desk: AB 1281 – which extends the one-year exemptions for employee information and...more