Top Stories
If you are a HIPAA-covered entity or business associate, you likely know that patient PHI may only be created, received, maintained, and transmitted as permitted by the HIPAA Security Rule and the HIPAA Privacy Rule. Yet you may not have focused on your company’s website as a place where PHI…
Continue Reading Is Your Website HIPAA-Compliant?If you are dealing with sensitive information of any kind (yes, this includes precise geolocation…
Continue Reading Beware of Third-Party Trackers Like Meta Pixel. Ignoring Them Could Be Costly.The U.S. Department of Health and Human Services (HHS) issued guidance on June 29 discussing…
Continue Reading HHS Issues Guidance in Light of Dobbs DecisionThe Health Insurance Portability and Accountability Act of 1996 may be the most well-known privacy…
Continue Reading HIPAA Covers a Lot Less Than People Think. But Beware of Other US Privacy Laws.The Latest
On June 13th, U.S. Department of Health & Human Services (“HHS”) issued guidance advising that covered health care providers and health plans (covered entities) can provide audio-only telehealth services as long…
Continue Reading New Telehealth Guidance Gives Thumbs-Up to Audio-Only ServicesReady or not, Roe v. Wade leak or not, health app developers are on notice. Those that collect sensitive personal information, such as reproductive data, must carefully navigate both federal…
Continue Reading Roe or Not, Health Apps Must Protect Reproductive DataIllinois’ Biometric Information Privacy Act Is Coming for Hospitals, Long-Term Care Providers
Attention hospitals, clinics, retirement homes and other long-term care providers! If you are collecting fingerprints to authenticate access to a medication dispensing system, then you need to be paying attention…
Continue Reading Illinois’ Biometric Information Privacy Act Is Coming for Hospitals, Long-Term Care ProvidersPlanned Parenthood Los Angeles Data Breach Coincides with Spotlight on Roe v. Wade
According to this article, 2021 has been a “particularly dire year” for health care data breaches. So, it may not seem shocking that a hacker gained access to the…
Continue Reading Planned Parenthood Los Angeles Data Breach Coincides with Spotlight on Roe v. WadeI dive into the HIPAA weeds on a daily basis, and am sometimes asked about similarities and differences between HIPAA and the European Union’s General Data Protection Regulation (GDPR). Fox…
Continue Reading How Does HIPAA Compare To GDPR?The Federal Trade Commission seems to be getting serious about unauthorized disclosures of data collected by health apps. In a Policy Statement issued on September 15, 2021, the FTC says…
Continue Reading HIPAA or Not, Health Apps Must Provide Breach NotificationBusiness Associates Beware: You May Need To Vaccinate Staff Under Recent Biden Executive Order
President Biden issued an Executive Order on September 9, 2021 (the “EO”) that will lead to required COVID-19 vaccinations for workers in most health care facilities that receive Medicare or…
Continue Reading Business Associates Beware: You May Need To Vaccinate Staff Under Recent Biden Executive OrderThe FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint security advisory aimed at reminding businesses to be on guard over the Labor Day and other…
Continue Reading Holiday Weekends Provide No Time Off From Cyber ThreatsHIPAA has been around for a quarter century, but confusion continues as to its scope and applicability. The COVID pandemic, surge in Delta variant cases, and increasing number of employer…
Continue Reading “Are You Vaccinated?” Asking, Answering, and Clarifying HIPAA