The Federal Trade Commission seems to be getting serious about unauthorized disclosures of data collected by health apps. In a Policy Statement issued on September 15, 2021, the FTC says
Continue Reading HIPAA or Not, Health Apps Must Provide Breach Notification
Business Associates Beware: You May Need To Vaccinate Staff Under Recent Biden Executive Order
President Biden issued an Executive Order on September 9, 2021 (the “EO”) that will lead to required COVID-19 vaccinations for workers in most health care facilities that receive Medicare or…
Continue Reading Business Associates Beware: You May Need To Vaccinate Staff Under Recent Biden Executive Order
Holiday Weekends Provide No Time Off From Cyber Threats

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint security advisory aimed at reminding businesses to be on guard over the Labor Day and other
…
Continue Reading Holiday Weekends Provide No Time Off From Cyber Threats
“Are You Vaccinated?” Asking, Answering, and Clarifying HIPAA
HIPAA has been around for a quarter century, but confusion continues as to its scope and applicability. The COVID pandemic, surge in Delta variant cases, and increasing number of employer…
Continue Reading “Are You Vaccinated?” Asking, Answering, and Clarifying HIPAA
4 Key Take-Aways For Harnessing AI In Compliance with HIPAA
Artificial Intelligence (AI) is widely viewed as a valuable tool for improving health and healthcare. It is being used by major technology companies such as Google, small start-up companies, and…
Continue Reading 4 Key Take-Aways For Harnessing AI In Compliance with HIPAA
Flo Health App Fallout: HIPAA-like Breach Notification Rule Not Enforced by FTC
Flo Health, Inc., which marketed an app used by more than 100 million women interested in tracking their personal menstruation and fertility information, seems to be getting off easily as…
Continue Reading Flo Health App Fallout: HIPAA-like Breach Notification Rule Not Enforced by FTC
No Signs of Slowing Down: The OCR Settles another Investigation under the HIPAA Right of Access Initiative
Prior to the holiday, the OCR settled its thirteenth enforcement action under the HIPAA Right of Access Initiative, which involved a primary care physician practicing in the State of Georgia. …
Continue Reading No Signs of Slowing Down: The OCR Settles another Investigation under the HIPAA Right of Access Initiative
New Year Likely to Bring New Incentive for Cybersecurity Investment
H.R. 7898, sent to the President for signature on December 24, 2020 may be the HIPAA holiday gift covered entities and business associates have been waiting for. The bill…
Continue Reading New Year Likely to Bring New Incentive for Cybersecurity Investment
The OCR Remains Increasingly Active under the HIPAA Right of Access Initiative
The Department of Health and Human Services (“HHS”) Office of Civil Rights (“OCR”) recently settled four more investigations under the HIPAA Right of Access Initiative, which totals 11 settlements thus…
Continue Reading The OCR Remains Increasingly Active under the HIPAA Right of Access Initiative
Re-Setting the Clock for Responding to Individual Access Requests Under the Information Blocking Rule
Covered entities beware: a timing pitfall lurks within the recently adopted rules prohibiting information blocking. We have posted about OCR’s “Right to Access Initiative” and numerous enforcement actions taken to…
Continue Reading Re-Setting the Clock for Responding to Individual Access Requests Under the Information Blocking Rule