The American Privacy Rights Act of 2024 (APRA), a bipartisan and “historic” comprehensive data privacy bill unveiled April 8, 2024, would preempt state data privacy laws and be enforced by the Federal Trade Commission,...more
Today the U.S. Department of Health & Human Services (HHS) finalized rules published in December of 2022 changing the requirements for handling SUD patient information governed by 45 CFR part 2 (Part 2)....more
Exactly 12 days before Christmas, the U.S. Department of Health and Human Services’ Office of the National Coordinator (ONC) gave the health industry a unique gift buried in a 900+ page rule adoption. The gift? The first...more
Despite its misleading title, Washington’s My Health My Data Act will regulate many things most people would not think of as health-related data. It will also regulate non-Washington entities, mere processors of...more
As states enact and enforce various laws restricting, prohibiting, and even criminalizing abortion and other reproductive health care services, HIPAA rules that allow disclosure of patient information become potential privacy...more
Watch out HHS, the FTC is taking the lead in enforcing privacy violations by companies also subject to HIPAA. BetterHelp, an on-line mental health platform, engaged in unfair and unreasonable privacy practices according to...more
Data Privacy Day is this weekend. Here are some tips and pointers individuals and businesses should keep in mind going forward.
1. Transparency is front and center for regulators in the United States and Europe, so if...more
Earlier this week, our Fox partner Odia Kagan spoke on HIMSS TV about the risks associated with what may be a “blind spot” in your data privacy compliance efforts: the use of data trackers (such as cookies, tracking pixels,...more
The Supreme Court of the United States held in Dobbs v. Jackson Women’s Health Organization, that the Constitution does not confer a right to abortion, overruling long-standing precedent in Roe v. Wade and Planned Parenthood...more
7/5/2022
/ Abortion ,
Aiding and Abetting ,
Board of Directors ,
Department of Health and Human Services (HHS) ,
Dobbs v. Jackson Women’s Health Organization ,
Employee Assistance Programs ,
Employee Benefits ,
Employee Retirement Income Security Act (ERISA) ,
Employer Group Health Plans ,
Employment Discrimination ,
Equal Employment Opportunity Commission (EEOC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HRA ,
PHI ,
Roe v Wade ,
SCOTUS ,
Self-Insured Health Plans ,
Title VII ,
Travel Expenses ,
White Collar Crimes
Ready or not, Roe v. Wade leak or not, health app developers are on notice. Those that collect sensitive personal information, such as reproductive data, must carefully navigate both federal and state laws. These laws are...more
According to this article, 2021 has been a “particularly dire year” for health care data breaches. So, it may not seem shocking that a hacker gained access to the protected health information of approximately 400,000...more
The Federal Trade Commission seems to be getting serious about unauthorized disclosures of data collected by health apps. In a Policy Statement issued on September 15, 2021, the FTC says it will enforce its Health Breach...more
President Biden issued an Executive Order on September 9, 2021 (the “EO”) that will lead to required COVID-19 vaccinations for workers in most health care facilities that receive Medicare or Medicaid funds. This covers...more
HIPAA has been around for a quarter century, but confusion continues as to its scope and applicability. The COVID pandemic, surge in Delta variant cases, and increasing number of employer and government vaccine mandates has...more
Clinical laboratories across the country have ramped up their diagnostic testing capabilities to meet the critical need for COVID-19 testing, which is essential to mitigating the spread of the virus. Many labs are responding...more
Flo Health, Inc., which marketed an app used by more than 100 million women interested in tracking their personal menstruation and fertility information, seems to be getting off easily as compared with HIPAA-covered entities...more
H.R. 7898, sent to the President for signature on December 24, 2020 may be the HIPAA holiday gift covered entities and business associates have been waiting for. The bill requires the Secretary of the Department of Health and...more
Covered entities beware: a timing pitfall lurks within the recently adopted rules prohibiting information blocking. We have posted about OCR’s “Right to Access Initiative” and numerous enforcement actions taken to make sure...more
A recent conversation with a colleague in California prompted me to write this. He said that as part of its back-to-school plan, his children’s elementary school district “highly encouraged” that all students be tested for...more
A tricky issue for mobile health app developers since the Office for Civil Rights (OCR) released its first “Health App Use Scenarios & HIPAA” guidance back in 2016 has been deciphering whether the developer is a business...more
The Office for Civil Rights within the Department of Health and Human Services (OCR) provided guidance in June that reassured covered entity health care providers and that it is generally OK to use or disclose protected...more
A patient asks her doctor to send her test results to an app the patient has downloaded on her phone. The doctor worries that the app is not secure and that the patient might not understand the security risks. What should...more
Fox Rothschild’s Privacy and Data Security practice group maintains this searchable PDF document as well as the Data Breach 411 app to inform businesses of the breach notification statutes in each of the 50 states, Guam,...more
7/21/2020
/ Attorney General ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Exceptions ,
Personal Information ,
Privacy Laws ,
Reporting Requirements ,
Safe Harbors
A joint Alert from the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the U.K.’s National Cyber Security Centre (NCSC) warns of new cyber attacks targeting COVID-19-related...more
Fox Rothschild LLP partner Beth Larkin listened to the HHS Office for Civil Rights 4/24/20 webinar (which should be posted on its website at some point) regarding HIPAA and COVID-19 and took notes. Here’s my summary of key...more