On December 17, 2024, the US Department of Health and Human Services (HHS) Assistant Secretary for Technology Policy/Office of the National Coordinator for Health Information Technology (ASTP) published the Health Data,...more
1/15/2025
/ 21st Century Cures Act ,
Compliance ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Final Rules ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Privacy Laws ,
Reproductive Healthcare Issues
The Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing (HTI-1) final rule, issued by the US Department of Health and Human Services (HHS) Office of...more
4/10/2024
/ Algorithms ,
Artificial Intelligence ,
Certification Requirements ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Final Rules ,
Health Information Technologies ,
Healthcare ,
Information Technology ,
ONC ,
Risk Management ,
Technology
Data governance is a mission-critical issue for every company and institution in the United States.
GCs face a host of pressing cybersecurity concerns. Triaging them requires time, attention, and a well-rounded strategy...more
8/18/2023
/ Cookies ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Disclosure Requirements ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Healthcare ,
Legislative Agendas ,
Mobile Apps ,
New Legislation ,
New Rules ,
OCR ,
Personal Information ,
Regulatory Agenda ,
Risk Factors ,
Risk Management ,
State Privacy Laws ,
Technology Sector ,
Tracking Systems
In light of the increasing number of enforcement incidents under the General Data Protection Regulation (GDPR), organisations active in the Health and Life Sciences sectors in the United Kingdom, the European Union (EU) and...more
3/3/2023
/ Data Collection ,
Data Protection ,
Data-Sharing ,
EU ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Life Sciences ,
Personal Information ,
Regulatory Agenda ,
UK
Data license agreements have been a hot ticket item of the digital health market and are here to stay. With the exponential growth in licensed data, including de-identified patient data, data license agreement litigation and...more
10/7/2020
/ Asset Protection ,
California Consumer Privacy Act (CCPA) ,
Commercial Litigation ,
Contract Disputes ,
Contract Drafting ,
Contract Interpretation ,
Contract Terms ,
Data Protection ,
De-Identified Protected Health Information ,
Digital Health ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Intellectual Property Litigation ,
Intellectual Property Protection ,
License Agreements ,
Physicians ,
Regulatory Requirements ,
Remedies ,
Trade Secrets ,
Webinars
For companies seeking to use, license, or otherwise commercialize health data, there are potential inconsistencies among the HIPAA de-identification standard, the CCPA definition of de-identified data, and GDPR requirements...more
2/26/2020
/ Business Associates ,
California Consumer Privacy Act (CCPA) ,
Covered Entities ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Use Policies ,
De-Identified Protected Health Information ,
Electronic Protected Health Information (ePHI) ,
General Data Protection Regulation (GDPR) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
PHI ,
Webinars
The European Data Protection Supervisor, the independent European Union authority responsible for data protection regulatory oversight, issued a preliminary opinion on data protection and scientific research. The Opinion...more
1/24/2020
/ Advisory Opinions ,
Compliance ,
Consent ,
Data Protection ,
Data Protection Authority ,
Data Subjects Rights ,
EU ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Life Sciences ,
Member State ,
Personal Data ,
Scientific Research ,
The Common Rule ,
Transparency
On October 10, 2019, the California Attorney General released proposed regulations to implement the California Consumer Privacy Act (CCPA), including substantial new requirements not included in the CCPA. Here we offer a...more
10/15/2019
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Notice Requirements ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Requirements ,
State Attorneys General
The ONC recently released a proposed rule under the 21st Century Cures Act to promote interoperability of health IT and advance access, exchange or use of electronic health information. If finalized, the proposed rule would...more
3/28/2019
/ 21st Century Cures Act ,
APIs ,
Conditional Certification ,
Cost Recovery ,
Data Blocking ,
Data Privacy ,
Data Protection ,
Data-Sharing ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Information Technologies ,
License Fees ,
ONC ,
Proposed Rules
The ONC finally released its long-awaited proposed rule to implement the “information blocking” prohibition of the 21st Century Cures Act by identifying conduct that is not information blocking. If finalized, ONC’s proposed...more
2/15/2019
/ 21st Century Cures Act ,
Centers for Medicare & Medicaid Services (CMS) ,
Data Privacy ,
Data Protection ,
Data-Sharing ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Exceptions ,
Health Care Providers ,
Health Information Technologies ,
Hospitals ,
ONC ,
Patient Privacy Rights ,
Policies and Procedures ,
Proposed Rules ,
Public Comment ,
Regulatory Agenda ,
Regulatory Requirements
Introduction -
The past year was an active one for data privacy and security legislation and enforcement. Protection for certain personal data was enhanced internationally by the EU General Data Protection Regulation...more
1/29/2019
/ Biometric Information ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Protection ,
Digital Health ,
Electronic Protected Health Information (ePHI) ,
EU ,
General Data Protection Regulation (GDPR) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personally Identifiable Information ,
State Data Breach Notification Statutes ,
UK
California’s Senate and Assembly unanimously approved AB 375 (also known as the California Consumer Privacy Act of 2018), on June 28, 2018. This new consumer privacy bill will be the most progressive and comprehensive privacy...more
Earlier this month, more than 45,000 attendees descended on Las Vegas, NV, for the nation’s largest annual health care technology conference: the 2018 HIMSS Conference & Exhibition (HIMSS18). Conversations and educational...more
The General Data Protection Regulation establishes protections for the privacy and security of personal data about individuals in the European Economic Area countries, and potentially affects the medical tourism programs and...more
In 2014, regulators around the globe issued guidelines, legislation and penalties in an effort to enhance security and control within the ever-shifting field of privacy and data protection. The Federal Trade Commission...more
12/11/2014
/ Africa ,
Anti-Spam Legislation ,
Canada ,
China ,
Cybersecurity ,
Data Protection ,
EU ,
EU Data Protection Laws ,
Federal Trade Commission (FTC) ,
Latin America ,
Legislative Agendas
On May 1, 2014, the White House released two reports addressing the public policy implications of the proliferation of big data. The first report is by the Executive Office of the President, entitled “Big Data: Seizing...more
5/13/2014
/ Barack Obama ,
Big Data ,
Data Breach ,
Data Protection ,
ECPA ,
Healthcare ,
Legislative Agendas ,
Life Sciences ,
Privacy Laws ,
Privacy Policy ,
Public Policy
The compliance date for the omnibus final rule amending the privacy, security, breach notification and enforcement regulations under the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information...more
7/25/2013
/ Breach Notification Rule ,
Compliance ,
Data Breach ,
Data Protection ,
Deadlines ,
Enforcement ,
Final Rules ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Omnibus Rule ,
Privacy Policy
On January 25, 2013, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) published a final rule (Final Rule) containing modifications to the privacy standards (Privacy Rule), security...more
2/21/2013
/ Business Associates ,
Covered Entities ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Enforcement ,
GINA ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Notice Requirements ,
OCR ,
PHI ,
Privacy Rule