If you are a HIPAA-covered entity or business associate, you likely know that patient PHI may only be created, received, maintained, and transmitted as permitted by the HIPAA Security Rule
Continue Reading Is Your Website HIPAA-Compliant?
Beware of Third-Party Trackers Like Meta Pixel. Ignoring Them Could Be Costly.
If you are dealing with sensitive information of any kind (yes, this includes precise geolocation, ethnicity, sexual orientation, etc), but especially health information (and yes, reproductive health information too), do
Continue Reading Beware of Third-Party Trackers Like Meta Pixel. Ignoring Them Could Be Costly.HHS Issues Guidance in Light of Dobbs Decision
The U.S. Department of Health and Human Services (HHS) issued guidance on June 29 discussing privacy protections under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in the
Continue Reading HHS Issues Guidance in Light of Dobbs DecisionNew Telehealth Guidance Gives Thumbs-Up to Audio-Only Services
On June 13th, U.S. Department of Health & Human Services (“HHS”) issued guidance advising that covered health care providers and health plans (covered entities) can provide audio-only telehealth services
Continue Reading New Telehealth Guidance Gives Thumbs-Up to Audio-Only ServicesHIPAA or Not, Health Apps Must Provide Breach Notification
The Federal Trade Commission seems to be getting serious about unauthorized disclosures of data collected by health apps. In a Policy Statement issued on September 15, 2021, the FTC says
Continue Reading HIPAA or Not, Health Apps Must Provide Breach Notification
4 Key Take-Aways For Harnessing AI In Compliance with HIPAA
Artificial Intelligence (AI) is widely viewed as a valuable tool for improving health and healthcare. It is being used by major technology companies such as Google, small start-up companies, and
Continue Reading 4 Key Take-Aways For Harnessing AI In Compliance with HIPAA
The OCR Remains Increasingly Active under the HIPAA Right of Access Initiative
The Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”) recently settled four more investigations under the HIPAA Right of Access Initiative, which totals 11 settlements thus
Continue Reading The OCR Remains Increasingly Active under the HIPAA Right of Access Initiative
New OCR Resource Adds Guidance on HIPAA and Direct-to-Consumer Health Apps
A tricky issue for mobile health app developers since the Office for Civil Rights (OCR) released its first “Health App Use Scenarios & HIPAA” guidance back in 2016 has been
Continue Reading New OCR Resource Adds Guidance on HIPAA and Direct-to-Consumer Health Apps
“I Have an App for That”: ONC’s Information Blocking Rule and HIPAA Access Rights
A patient asks her doctor to send her test results to an app the patient has downloaded on her phone. The doctor worries that the app is not secure and
Continue Reading “I Have an App for That”: ONC’s Information Blocking Rule and HIPAA Access Rights
How the Grinch Steals Health Care Data: OCR Warnings and Tips in Time for the Holidays
More and more often, health care data is stolen or made inaccessible by targeted ransomware attacks. The Office for Civil Rights (OCR) published a newsletter this week that provides warnings
Continue Reading How the Grinch Steals Health Care Data: OCR Warnings and Tips in Time for the Holidays