On September 15, 2023, the Federal Trade Commission and the Department of Health and Human Services published an updated version of the two agencies’ joint publication, entitled “Collecting, Using, or Sharing Consumer Health Information? Look to HIPAA, the FTC Act, and the Health Breach Notification Rule.”
Continue Reading FTC and HHS Update Consumer Health Data Privacy and Security Guide
Health Information
ONC and HHS OCR Release Updated HIPAA Security Risk Assessment Tool
On September 13, 2023, the National Coordinator for Health Information Technology and the Office for Civil Rights at the U.S. Department of Health and Human Services released version 3.4 of the Security Risk Assessment Tool under the Health Insurance Portability and Accountability Act Security Rule.
Continue Reading ONC and HHS OCR Release Updated HIPAA Security Risk Assessment Tool
HHS Issues NPRM to Strengthen Protections under HIPAA for Reproductive Privacy
On April 12, 2023, the U.S. Department of Health and Human Services issued a Notice of Proposed Rulemaking to modify protections under the Health Insurance Portability and Accountability Act of 1996 to strengthen reproductive health care privacy.
Continue Reading HHS Issues NPRM to Strengthen Protections under HIPAA for Reproductive Privacy
Illinois Federal Court Rules that BIPA Health Care Exemption Applies to Sunglasses Virtual Try-On Tool
On February 10, 2023, an Illinois federal district court ordered the dismissal of a putative class action lawsuit alleging that an online tool that allowed users to virtually try on sunglasses violated the Illinois Biometric Privacy Act. …
Continue Reading Illinois Federal Court Rules that BIPA Health Care Exemption Applies to Sunglasses Virtual Try-On Tool
HHS Releases Bulletin on Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates
On December 1, 2022, the Office for Civil Rights at the U.S. Department of Health and Human Services released a Bulletin on the obligations of HIPAA covered entities and business associates under the HIPAA Privacy, Security, and Breach Notification Rules when using online tracking technologies. …
Continue Reading HHS Releases Bulletin on Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates
NIH Confidentiality Certificates Add Layer of Privacy Protection Post-Dobbs
Following the ruling in Dobbs, the National Institutes of Health’s certificates of confidentiality offer an important layer of privacy protection to reproductive health research data. …
Continue Reading NIH Confidentiality Certificates Add Layer of Privacy Protection Post-Dobbs
HHS Issues Post-Dobbs Guidance to Protect Patient Privacy
On June 29, 2022, the U.S. Department of Health and Human Services issued two guidance documents to “help protect patients seeking reproductive health care, as well as their providers” following the Supreme Court’s decision in Dobbs vs. Jackson Women’s Health Organization. …
Continue Reading HHS Issues Post-Dobbs Guidance to Protect Patient Privacy