On September 15, 2023, the Federal Trade Commission and the Department of Health and Human Services published an updated version of the two agencies’ joint publication, entitled “Collecting, Using, or Sharing Consumer Health Information? Look to HIPAA, the FTC Act, and the Health Breach Notification Rule.”
Continue Reading FTC and HHS Update Consumer Health Data Privacy and Security Guide
Health Privacy
ONC and HHS OCR Release Updated HIPAA Security Risk Assessment Tool
Posted on
Posted in Health Privacy, U.S. Federal Law
On September 13, 2023, the National Coordinator for Health Information Technology and the Office for Civil Rights at the U.S. Department of Health and Human Services released version 3.4 of the Security Risk Assessment Tool under the Health Insurance Portability and Accountability Act Security Rule.
Continue Reading ONC and HHS OCR Release Updated HIPAA Security Risk Assessment Tool
New Washington State Geofencing Ban Set to Take Effect in July
Posted on
Posted in Health Privacy, U.S. State Law
On April 27, 2023, Washington adopted the My Health My Data Act. Most of the law’s provisions are not effective until March 31, 2024 (or June 30, 2024 for small businesses). The law’s geofencing prohibition, however, is set to take effect on July 23, 2023.
Continue Reading New Washington State Geofencing Ban Set to Take Effect in July
Connecticut and Nevada Legislatures Pass Health Data Laws
Posted on
On June 2 and June 5, 2023, the Connecticut and Nevada state legislatures, respectively, voted in favor of sending legislation to their governors for signature that would impose restrictions, among others, on the processing of consumer health data, including geofencing provisions. Nevada S.B. 370 was signed by Nevada Governor Joe Lombardo on June 16, 2023. …
Continue Reading Connecticut and Nevada Legislatures Pass Health Data Laws
FTC Proposes Amendments to Health Breach Notification Rule
Posted on
n May 18, 2023, the Federal Trade Commission announced it is seeking comment to proposed changes to the Health Breach Notification Rule. …
Continue Reading FTC Proposes Amendments to Health Breach Notification Rule
New York State Passes Prohibition on Geofences Around Health Care Facilities
Posted on
Posted in Health Privacy, U.S. State Law
On May 3, 2023, New York Governor Kathy Hochul signed into law fiscal bill A.3007C/S.4007, which contains provisions prohibiting the establishment of a geofence around health care facilities.
Continue Reading New York State Passes Prohibition on Geofences Around Health Care Facilities
FTC Brings Enforcement Action Against Pregnancy App for Sharing Sensitive Data
Posted on
On May 17, 2023, the Federal Trade Commission issued a consumer alert regarding the Premom Ovulation Tracker app sharing of sensitive information with third parties without users’ permission.
Continue Reading FTC Brings Enforcement Action Against Pregnancy App for Sharing Sensitive Data
Washington Becomes the First State to Enact a Comprehensive Health Privacy Law
Posted on
Posted in Health Privacy, U.S. State Law
On April 17, 2023, the Washington State House concurred to the Washington State Senate’s amendments to Washington State House Bill 1155, the My Health My Data Act, clearing the bill’s way to Governor Jay Inslee for a final signature. …
Continue Reading Washington Becomes the First State to Enact a Comprehensive Health Privacy Law
HHS Issues NPRM to Strengthen Protections under HIPAA for Reproductive Privacy
Posted on
Posted in Health Privacy
On April 12, 2023, the U.S. Department of Health and Human Services issued a Notice of Proposed Rulemaking to modify protections under the Health Insurance Portability and Accountability Act of 1996 to strengthen reproductive health care privacy.
Continue Reading HHS Issues NPRM to Strengthen Protections under HIPAA for Reproductive Privacy
FTC Announces Proposed Order against BetterHelp for Disclosing Sensitive Mental Health Information to Third Parties for Targeted Advertising Purposes
Posted on
Posted in Health Privacy, Online Privacy
On March 2, 2023, the FTC announced a proposed order against BetterHelp, Inc., an online mental health counseling service, for sharing consumer data, including sensitive mental health information, with third parties for targeted advertising and other purposes. …
Continue Reading FTC Announces Proposed Order against BetterHelp for Disclosing Sensitive Mental Health Information to Third Parties for Targeted Advertising Purposes