New Developments in Health Information Policy
New HIPAA Final Rule: Key Changes to Reproductive Health Care Privacy - Thought Leaders in Health Law®
Podcast - Data Privacy and Tracking Technology Compliance
Medical Device Legal News with Sam Bernstein: Episode 10
AI Risks in Healthcare
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
Healthcare Privacy Walkthroughs
Dobbs on Demand: Healthcare Privacy on the Line in a New Legal Setting
HIPAA Tips With Williams Mullen - Health Care Providers - Are You Ready for a Ransomware Attack?
Hybrid Workforces and Compliance with Sheila Limmroth
Privacy and Healthcare Business Associates with Isabella Porter
Podcast: Interoperability: The Provider Perspective - Diagnosing Health Care
HIPAA Tips With Williams Mullen - COVID Health Information and HIPAA – Do You Know the Rules?
Podcast–Interoperability: How Far We’ve Come and Where We’re Going - Diagnosing Health Care
State Law Privacy Video Series | Healthcare Entities and Health Data
Getting Personal—Wearable Devices, Data, and Compliance
AGG Talks: Technology - In the Balance: Interoperability and Security
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
Nick Culbertson on Compliance Breaches in Healthcare
Privacy Series: HIPAA Breaches - When It Is, and When It Is Not a Breach
Becker’s Hospital Review reports that the Department of Government Efficiency (DOGE) “has access to sensitive information in 19 HHS databases and systems,” according to a court filing obtained by Wired. HHS provided the...more
In the first part of this blog post, we looked into the OCR and FTC’s focus on third-party tracking technologies. We also reviewed the AHA Lawsuit and its impact for the use of tracking technologies. In this blog post, we...more
On March 18, 2024, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued revised guidance on the use of tracking technologies by HIPAA-covered entities and business associates....more
Health and Human Services (“HHS”) released updated guidance yesterday on the use of online tracking technologies (like cookies, pixels, software development kits (SDKs), etc.) by HIPAA Covered Entities (the “Updated...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance concerning compliance obligations for HIPAA covered entities and business associates using online tracking...more
On July 20, 2023, the Department of Health and Human Services (DHHS) through the Office of Civil Rights (OCR) and the Federal Trade Commission (FTC) issued a joint letter to hospitals and telehealth providers alerting them to...more
Introduction: Tracking Software in the Healthcare Industry - Privacy-related concerns have become increasingly prominent in recent years, especially with the widespread use of third-party tracking tools such as tracking...more
A patient surfs a hospital system’s website and reads an article about depression and anxiety. The patient then searches the hospital’s website for mental health providers in the area. A few hours later, the patient logs into...more
The proliferation of health apps and connected devices that allow individuals to track their health conditions, treatment, medications, fitness, fertility, sleep, mental health, diet and other vital areas has led to increased...more
The use of tracking technologies on websites and mobile applications (e.g., cookies) has become largely ubiquitous in our technology-driven world. Health care providers and organizations, for example, may use tracking...more
The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued a Bulletin (Dec. 2022) outlining the obligations for HIPAA covered entities and businesses when deploying online tracking...more
Websites using data tracking and collection software risk potentially serious consequences under the Health Insurance Portability and Accountability Act of 1996, commonly referred to as “HIPAA.” In a Bulletin issued December...more
On February 1, 2023, the FTC announced a proposed $1.5 million settlement with GoodRx Holdings, based on alleged violations of the Federal Trade Commission Act (“FTC Act”) and Health Breach Notification Rule (“HBNR”) for...more
Report on Patient Privacy Volume 23, no 1 (January 2023) The Centers for Medicare & Medicaid Services (CMS) said a data breach at a Medicare subcontractor impacted the personally identifiable information and protected...more
Last month, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a bulletin with guidance concerning the use of online tracking technologies by covered entities and business associates...more
Recently, lawsuits have been filed against Duke and WakeMed regarding their use of Meta’s Meta Pixel tracking product and the alleged improper disclosure of patients’ protected health information (“PHI”). The U.S. Department...more
On December 1, 2022, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued a Bulletin to highlight the obligations of HIPAA-covered entities and business associates when using...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued guidance regarding covered entities’ and business associates’ use of tracking technologies (the Guidance). As discussed in greater detail...more
Report on Patient Privacy 22, no. 8 (August, 2022) - The Department of Justice (DOJ) seized around $500,000 in Bitcoin ransom paid by two health care organizations in Kansas and Colorado to North Korean ransomware actors...more
In the wake of the U.S. Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, many individuals and organizations have expressed uncertainty about the protection afforded to data stored on health apps,...more
To date, there has been little consistency in how Health Insurance Portability and Accountability Act (HIPAA) requirements are enforced by the U.S. Department of Health and Human Services (HHS), or the amount of settlements...more
Do you want a simple way to keep current on important privacy changes? Avoid sleepless nights wondering whether you missed a privacy speed bump or pothole between annual updates? Worry no longer. Troutman Pepper is pleased to...more
In an era of decreasing reimbursement and rapidly expanding opportunities associated with “big data”, healthcare entities may be looking for ways to monetize protected health information (“PHI”) for their own, non-patient...more
Google Health’s Partnerships Raise Privacy Concerns - Recently, Google has been at the center of privacy concerns due to its health- sharing collaborations with the University of Chicago Medical Center (the Medical Center)...more
Editors’ Note: This is the fourth in our fourth-annual end-of-year series examining important trends in data privacy and cybersecurity in the coming year. Our previous entry discussed the CCPA, energy, and Brexit. Up next:...more