If you are a HIPAA-covered entity or business associate, you likely know that patient PHI may only be created, received, maintained, and transmitted as permitted by the HIPAA Security Rule
Continue Reading Is Your Website HIPAA-Compliant?
Monitoring Legal Developments Relating to the Privacy and Security of Health Information
If you are a HIPAA-covered entity or business associate, you likely know that patient PHI may only be created, received, maintained, and transmitted as permitted by the HIPAA Security Rule…
Continue Reading Is Your Website HIPAA-Compliant?If you are dealing with sensitive information of any kind (yes, this includes precise geolocation, ethnicity, sexual orientation, etc), but especially health information (and yes, reproductive health information too), do…
Continue Reading Beware of Third-Party Trackers Like Meta Pixel. Ignoring Them Could Be Costly.The U.S. Department of Health and Human Services (HHS) issued guidance on June 29 discussing privacy protections under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in the…
Continue Reading HHS Issues Guidance in Light of Dobbs DecisionOn June 13th, U.S. Department of Health & Human Services (“HHS”) issued guidance advising that covered health care providers and health plans (covered entities) can provide audio-only telehealth services…
Continue Reading New Telehealth Guidance Gives Thumbs-Up to Audio-Only ServicesThe Federal Trade Commission seems to be getting serious about unauthorized disclosures of data collected by health apps. In a Policy Statement issued on September 15, 2021, the FTC says…
Continue Reading HIPAA or Not, Health Apps Must Provide Breach Notification
Artificial Intelligence (AI) is widely viewed as a valuable tool for improving health and healthcare. It is being used by major technology companies such as Google, small start-up companies, and…
Continue Reading 4 Key Take-Aways For Harnessing AI In Compliance with HIPAA
The Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”) recently settled four more investigations under the HIPAA Right of Access Initiative, which totals 11 settlements thus…
Continue Reading The OCR Remains Increasingly Active under the HIPAA Right of Access Initiative
A tricky issue for mobile health app developers since the Office for Civil Rights (OCR) released its first “Health App Use Scenarios & HIPAA” guidance back in 2016 has been…
Continue Reading New OCR Resource Adds Guidance on HIPAA and Direct-to-Consumer Health Apps
A patient asks her doctor to send her test results to an app the patient has downloaded on her phone. The doctor worries that the app is not secure and…
Continue Reading “I Have an App for That”: ONC’s Information Blocking Rule and HIPAA Access Rights
More and more often, health care data is stolen or made inaccessible by targeted ransomware attacks. The Office for Civil Rights (OCR) published a newsletter this week that provides warnings…
Continue Reading How the Grinch Steals Health Care Data: OCR Warnings and Tips in Time for the Holidays