Recent enforcement actions, audit activity, proposed rulemakings, and guidance issued by the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) highlight the agency’s focus on health data...more
1/17/2025
/ Artificial Intelligence ,
Audits ,
Compliance ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Ransomware ,
Risk Management
Recent actions by state and federal lawmakers are trending toward increased regulation and oversight of uses of AI in health care. From patient communications to medical necessity determinations and more, legislators and...more
Texas Attorney (“AG”) General Ken Paxton announced a first-for-Texas settlement against a generative AI company using patient data and providing products to healthcare facilities....more
The HIPAA Privacy Rule has been modified by the US Department of Health and Human Services (HHS) to increase privacy protections for reproductive health care information. These changes, which will take effect in early 2026,...more
A new report from U.S. Senator Bill Cassidy calls on Congress to update the Health Insurance Portability and Accountability Act (HIPAA) and develop new, comprehensive privacy legislation to further regulate consumer health...more
Adding to the growing list of heightened privacy and data protection requirements imposed on consumer health data and other categories of sensitive personal data, the Washington Attorney General recently updated its guidance...more
President Biden’s groundbreaking Executive Order on artificial intelligence carries significant implications for the health and life science industry. The Order tasks federal agencies, including those responsible for health...more
Adding to the growing trend of policymakers interested in regulating health and wellness data, last week U.S. Senator Bill Cassidy requested stakeholder feedback to help identify solutions to modernize HIPAA and ensure all...more
9/12/2023
/ Biometric Information ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Patient Privacy Rights ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Agenda
The U.S. Department of Health and Human Services (“HHS”) is proposing changes to HIPAA that would increase protections for reproductive health care information. If finalized, these changes would prohibit HIPAA-regulated...more
This week the U.S. Department of Health and Human Services, the agency responsible for HIPAA enforcement, announced the formation of three new divisions within the Office for Civil Rights (“OCR”). The new divisions –...more
HIPAA covered entities will be required to change their HIPAA Notices of Privacy Practices (NPPs) if a recent proposed rule by the US Department of Health and Human Services is finalized. The Proposed Rule is designed to...more
In the wake of the Supreme Court’s seismic decision in Dobbs v. Jackson Women’s Health Organization, the U.S. Department of Health and Human Services (HHS) has issued guidance to help patients, providers, and other health...more
Momentum is growing for a federal privacy law in the United States. A bipartisan group of House and Senate leaders have released a discussion draft of a baseline consumer data protection legislation. The American Data...more
The US Department of Health Human Services (HHS) is seeking public comments about the appropriate role of “recognized security practices” in enforcement of the HIPAA Security Rule. Congress, through an amendment to the HITECH...more
The Federal Trade Commission (FTC) recently has signaled its intent to inject new life into a longstanding but rarely triggered rule governing health breach notifications for non-HIPAA-covered health records. Specifically,...more
2/28/2022
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Digital Health ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Popular
The National Institutes of Health has issued a request for information (RFI) on its Genomic Data Sharing (GDS) Policy to help ensure it keeps pace with the evolving genomic research landscape. The RFI will help inform...more
A new Policy Statement from the US Federal Trade Commission places companies that offer consumer-facing health apps and connected health and wellness devices on notice that they may be covered by a Health Breach Notification...more
10/6/2021
/ American Recovery and Reinvestment Act ,
Application Programming Interface (APIs) ,
Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Mobile Health Apps ,
Policy Statement ,
Popular
The National Institute of Standards and Technology (NIST) is seeking public comment as it prepares to update its Introductory Resource Guide on implementing the Health Insurance Portability and Accountability Act (HIPAA)...more
There has been a significant development in the ongoing debate regarding the scope of the authority of the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) to issue penalties under the Health...more
There has been a significant development in the ongoing debate regarding the scope of the authority of the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) to issue penalties under the Health...more
HIPAA Privacy Rule changes that have the potential to significantly impact patients, covered entities, and business associates were proposed by the Department of Health and Human Services (HHS) in a Notice of Proposed...more
After a long hiatus, major league sports is making a successful return to the US. Intercollegiate sports too have returned in a limited fashion. There have been relatively few hiccups and the COVID-19 protocols implemented...more
As the world focuses its efforts on the right strategy to beat the coronavirus and make normal life safe again, businesses are devising and implementing a variety of measures to deal with the COVID-19 crisis which rely on the...more
5/21/2020
/ Clinical Trials ,
Cloud Computing ,
Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Employee Privacy Rights ,
Personally Identifiable Information ,
Screening Procedures
The world is on a mission: beating the coronavirus and making normal life safe again. This is a scientific and medical challenge like no other, but our collective hope is that a viable solution will be found. In parallel,...more
We are pleased to provide you with the third annual installment of our Life Sciences and Health Care Horizons guide. For each of these guides, we have asked our industry thought leaders throughout the world to write about...more
2/26/2020
/ 3D Printing ,
AIDS ,
Analytics ,
Artificial Intelligence ,
Biosimilars ,
Biotechnology ,
Blockchain ,
California Consumer Privacy Act (CCPA) ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Department of Defense (DOD) ,
Digital Health ,
Drug Distribution ,
Drug Pricing ,
EU ,
Federal Funding ,
Food and Drug Administration (FDA) ,
General Data Protection Regulation (GDPR) ,
Health Technology ,
HIV ,
Incident Response Plans ,
Intellectual Property Protection ,
Life Sciences ,
Medical Device Data System ,
Medical Devices ,
Medical Software ,
Over The Counter Drugs (OTC) ,
Pharmaceutical Industry ,
PHI ,
Prescription Drugs ,
Procurement Guidelines ,
Regulatory Standards ,
Research and Development ,
Right to Try ,
Robotics ,
Supply Chain ,
Telehealth