The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently proposed a sweeping rewrite of the HIPAA Security Rule that, if finalized, will require that many Covered Entities and their...more
The increased use of artificial intelligence (AI) in the banking, insurance, and financial services industries has led the New York State Department of Financial Services (NYDFS or Department) to publish an Industry Letter on...more
The healthcare sector has seen an alarming uptick in cybersecurity incidents, including ransomware attacks, in recent years. In response to these cybersecurity threats, New York State is ramping-up efforts to protect patient...more
11/12/2024
/ Compliance ,
Cybersecurity ,
Data Breach ,
Data Security ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Facilities ,
Hospitals ,
New York ,
PHI ,
Regulatory Requirements
The Federal Trade Commission’s (FTC) years-long effort to modernize its Health Breach Notification Rule (HBNR) in the midst of a swiftly changing technological landscape appears to be coming to an end. On Thursday, May 30,...more
7/2/2024
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HIPAA Breach Notification Rule ,
Patient Privacy Rights ,
PHI ,
Popular ,
Reporting Requirements
The Federal Trade Commission’s (FTC) years-long effort to modernize its Health Breach Notification Rule (HBNR) in the midst of a swiftly changing technological landscape appears to be coming to an end. On Thursday, May 30,...more
On July 20, 2023, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) and the Federal Trade Commission (FTC)announced they were sending a joint letter to approximately 130 unidentified hospital...more
8/1/2023
/ Data Collection ,
Data Privacy ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Mobile Apps ,
OCR ,
Patient Privacy Rights ,
PHI ,
Telehealth ,
Tracking Systems
On June 27, 2023, the Department of Health and Human Services (HHS) Office of Inspector General (OIG) issued its long-anticipated final rule amending the OIG’s civil monetary penalty (CMP) regulations as they relate to...more
Direct-to-consumer health and wellness applications are forewarned: the Federal Trade Commission (FTC) is proposing changes to the Health Breach Notification Rule (HBNR), 16 C.F.R. part 318, that, if finalized, would cement...more
6/9/2023
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Federal Trade Commission (FTC) ,
Health Information Technologies ,
Healthcare ,
Mobile Health Apps ,
Patient Privacy Rights ,
Policy Statement ,
Popular ,
Regulatory Agenda ,
Regulatory Reform
The Department of Health and Human Services Office for Civil Rights (OCR) issued a proposed rule on April 17, 2023, to amend provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to strengthen...more
5/26/2023
/ Abortion ,
Comment Period ,
Department of Health and Human Services (HHS) ,
Dobbs v. Jackson Women’s Health Organization ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Reform ,
OCR ,
Patient Privacy Rights ,
PHI ,
Pregnancy ,
Proposed Rules ,
Regulatory Agenda ,
Reproductive Healthcare Issues ,
Women's Rights
On April 11, 2023, the Department of Health and Human Services’ Office for Civil Rights (OCR) confirmed that four notifications of enforcement discretion regarding enforcement of the HIPAA Privacy, Security, and Breach...more
The Federal Trade Commission (FTC) continues to prioritize the protection of consumers’ digital health information. The agency has demonstrated this commitment through enforcement actions against GoodRx and BetterHelp for...more
4/5/2023
/ Breach Notification Rule ,
Data Collection ,
Digital Health ,
Electronic Protected Health Information (ePHI) ,
Federal Trade Commission (FTC) ,
FTC Act ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach Notification Rule ,
HIPAA Privacy Rule ,
HIPAA Security Rule ,
Life Sciences ,
New Guidance ,
Personal Information ,
Tracking Systems
Following its February settlement with GoodRx, the Federal Trade Commission (FTC) has fired another shot across the bow in its ongoing campaign to protect consumers’ digital health information. Earlier this month the FTC...more
3/27/2023
/ Advertising ,
Data Collection ,
Data Management ,
Data Privacy ,
Data-Sharing ,
Electronic Medical Records ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
FTC Act ,
Health Care Providers ,
Healthcare ,
Patient Privacy Rights ,
PHI ,
Unfair or Deceptive Trade Practices
The Federal Trade Commission (FTC) didn’t mince words. On September 2021, it called out the health app industry for failing to understand the agency’s Health Breach Notification Rule (HBNR) and for not disclosing its...more
What does it mean to “knowingly” or “recklessly” violate the law when that law consists of highly complex and ever-changing regulations, which may be open to interpretation? The U.S. Supreme Court recently agreed to review...more
2/1/2023
/ Case Consolidation ,
False Claims Act (FCA) ,
Health Care Providers ,
Healthcare ,
Healthcare Fraud ,
Relators ,
Scienter ,
SCOTUS ,
US ex rel Thomas Proctor v Safeway Inc ,
US ex rel Tracy Schutte et al v SuperValu Inc et al ,
Whistleblowers