Tagged: HIPAA

Broad New Washington Privacy Law Requires Immediate Compliance Action

The Dorsey Health Law blog team keeps readers up-to-date on relevant topics in the health care industry. In order to do so, the members of the blog team communicate regularly with other practice groups within the firm for applicable updates from client publications. For this post, we would like to thank Dorsey’s Ross D’Emanuele, Jamie...

HHS OCR Settles HIPAA Investigation with Business Associate for $350,000

Over the past decade, the number of health care data breaches reported to the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has increased dramatically. From 2009 to 2022, over 5,000 data breaches affecting 500 or more records were reported to OCR, accounting for the exposure of over 380 million health...

Tracking Online User Activity: HIPAA and Other Legal Risks

The use of tracking technologies on websites and mobile applications (e.g., cookies) has become largely ubiquitous in our technology-driven world. Health care providers and organizations, for example, may use tracking technologies to identify their patients’ care needs and improve patient experience. As the use of tracking technologies burgeons, so do concerns from individuals about how...

FTC Takes First Enforcement Action for Violation of the Health Breach Notification Rule – A Federal Health Privacy Rule Beyond HIPAA

On February 1, 2023, the Federal Trade Commission (FTC) filed a complaint in the U.S. District Court for the Northern District of California alleging that digital health platform GoodRx violated the FTC Act by repeatedly sharing personal health information with advertising companies and platforms, such as Facebook and Google, and failed to report the unauthorized...

Living in a Virtual World: The Post-Pandemic Future of Telehealth

The COVID-19 pandemic required health care providers of all sizes to make drastic changes to the mode of patient care delivery. Telehealth quickly emerged as a safe alternative to in-person patient visits, and many providers quickly transitioned to virtual services. The pandemic-initiated expansion of telehealth was rapid and significant, but the pandemic likely accelerated existing...

The “Regulatory Sprint to Coordinated Care” – Overview and Links to Further Resources from Dorsey & Whitney

In 2018, the U.S. Department of Health and Human Services (“HHS”) launched the “Regulatory Sprint to Coordinated Care” to accelerate a transformation of the healthcare system, with a focus on removing “unnecessary obstacles” to coordinated care (the “Regulatory Sprint”). Several HHS agencies requested comments and information from the public and have published new or proposed...

Is Data the Next Frontier in ERISA Litigation?

Health and retirement benefit plans subject to the Employee Retirement Income Security Act (“ERISA”) have troves of personal information regarding plan participants and their beneficiaries—e.g., participants’ age, marital status, personal assets, medical and prescription drug claim data, and medical history. Although the Health Insurance Portability & Accountability Act (“HIPAA”) regulates treatment of protected health information,...

The Regulatory Sprint Catches up to HIPAA: New Proposed HIPAA Rules

Today, the Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) issued a Notice of Proposed Rulemaking (“NPRM”) which proposes significant changes to the Health Insurance Portability and Accountability Act (“HIPAA”) and to the Health Information Technology for Economic and Clinical Health Act (“HITECH”) Privacy Rule (the “Privacy Rule”).  The NPRM includes...

2020’s a Bust, but HIPAA Enforcement Is on a Roll!

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has been actively enforcing HIPAA regulations this year, including a series of seven settlements under OCR’s Right of Access Initiative to enforce patients’ rights to timely access their medical records at a reasonable cost. This year, OCR has recorded...

Privacy of Substance Use Disorder Records and The CARES Act: Steps Toward Harmonizing Part 2 Privacy Laws with HIPAA

The recently-enacted Coronavirus Aid, Relief, and Economic Security Act (the “CARES Act”) is generally known for providing relief funds and other resources to help individuals, small businesses, state and local governments, and hospitals and healthcare providers address the COVID-19 public health emergency.  However, among the lesser-known of the CARES Act provisions are changes to federal...