Tagged: HIPAA

Tracking Online User Activity: HIPAA and Other Legal Risks

The use of tracking technologies on websites and mobile applications (e.g., cookies) has become largely ubiquitous in our technology-driven world. Health care providers and organizations, for example, may use tracking technologies to identify their patients’ care needs and improve patient experience. As the use of tracking technologies burgeons, so do concerns from individuals about how...

FTC Takes First Enforcement Action for Violation of the Health Breach Notification Rule – A Federal Health Privacy Rule Beyond HIPAA

On February 1, 2023, the Federal Trade Commission (FTC) filed a complaint in the U.S. District Court for the Northern District of California alleging that digital health platform GoodRx violated the FTC Act by repeatedly sharing personal health information with advertising companies and platforms, such as Facebook and Google, and failed to report the unauthorized...

Living in a Virtual World: The Post-Pandemic Future of Telehealth

The COVID-19 pandemic required health care providers of all sizes to make drastic changes to the mode of patient care delivery. Telehealth quickly emerged as a safe alternative to in-person patient visits, and many providers quickly transitioned to virtual services. The pandemic-initiated expansion of telehealth was rapid and significant, but the pandemic likely accelerated existing...

The “Regulatory Sprint to Coordinated Care” – Overview and Links to Further Resources from Dorsey & Whitney

In 2018, the U.S. Department of Health and Human Services (“HHS”) launched the “Regulatory Sprint to Coordinated Care” to accelerate a transformation of the healthcare system, with a focus on removing “unnecessary obstacles” to coordinated care (the “Regulatory Sprint”). Several HHS agencies requested comments and information from the public and have published new or proposed...

Is Data the Next Frontier in ERISA Litigation?

Health and retirement benefit plans subject to the Employee Retirement Income Security Act (“ERISA”) have troves of personal information regarding plan participants and their beneficiaries—e.g., participants’ age, marital status, personal assets, medical and prescription drug claim data, and medical history. Although the Health Insurance Portability & Accountability Act (“HIPAA”) regulates treatment of protected health information,...

The Regulatory Sprint Catches up to HIPAA: New Proposed HIPAA Rules

Today, the Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) issued a Notice of Proposed Rulemaking (“NPRM”) which proposes significant changes to the Health Insurance Portability and Accountability Act (“HIPAA”) and to the Health Information Technology for Economic and Clinical Health Act (“HITECH”) Privacy Rule (the “Privacy Rule”).  The NPRM includes...

2020’s a Bust, but HIPAA Enforcement Is on a Roll!

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has been actively enforcing HIPAA regulations this year, including a series of seven settlements under OCR’s Right of Access Initiative to enforce patients’ rights to timely access their medical records at a reasonable cost. This year, OCR has recorded...

Privacy of Substance Use Disorder Records and The CARES Act: Steps Toward Harmonizing Part 2 Privacy Laws with HIPAA

The recently-enacted Coronavirus Aid, Relief, and Economic Security Act (the “CARES Act”) is generally known for providing relief funds and other resources to help individuals, small businesses, state and local governments, and hospitals and healthcare providers address the COVID-19 public health emergency.  However, among the lesser-known of the CARES Act provisions are changes to federal...

HIPAA and COVID-19 Updates: The Office for Civil Rights Provides Additional Guidance on Permitted Disclosures to First Responders

Since the COVID-19 outbreak, many health care providers have had a myriad of HIPAA questions, including questions about whether they can share some types of information and, if so, the type of information they can share with first responders who may have been exposed. Today, the Office for Civil Rights (OCR) published guidance outlining the...

COVID-19 and Cross-State Clinician Licensure: Federal and State Regulations, Revisited, and What To Do About Them

The COVID-19 pandemic has dramatically increased the number of patients and providers seeking to implement and use telehealth visits and other digital health solutions – and rapidly, at that.  The challenge of implementing digital health solutions, particularly telehealth, has historically been the patchwork setup of both federal and various state regulations that made it difficult...