The HIPAA Privacy Rule has been modified by the US Department of Health and Human Services (HHS) to increase privacy protections for reproductive health care information. These changes, which will take effect in early 2026,...more
A new report from U.S. Senator Bill Cassidy calls on Congress to update the Health Insurance Portability and Accountability Act (HIPAA) and develop new, comprehensive privacy legislation to further regulate consumer health...more
Adding to the growing trend of policymakers interested in regulating health and wellness data, last week U.S. Senator Bill Cassidy requested stakeholder feedback to help identify solutions to modernize HIPAA and ensure all...more
9/12/2023
/ Biometric Information ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Health Information Technologies ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Patient Privacy Rights ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Agenda
The U.S. Department of Health and Human Services (“HHS”) is proposing changes to HIPAA that would increase protections for reproductive health care information. If finalized, these changes would prohibit HIPAA-regulated...more
This week the U.S. Department of Health and Human Services, the agency responsible for HIPAA enforcement, announced the formation of three new divisions within the Office for Civil Rights (“OCR”). The new divisions –...more
HIPAA covered entities will be required to change their HIPAA Notices of Privacy Practices (NPPs) if a recent proposed rule by the US Department of Health and Human Services is finalized. The Proposed Rule is designed to...more
In the wake of the Supreme Court’s seismic decision in Dobbs v. Jackson Women’s Health Organization, the U.S. Department of Health and Human Services (HHS) has issued guidance to help patients, providers, and other health...more
The US Department of Health Human Services (HHS) is seeking public comments about the appropriate role of “recognized security practices” in enforcement of the HIPAA Security Rule. Congress, through an amendment to the HITECH...more
The Federal Trade Commission (FTC) recently has signaled its intent to inject new life into a longstanding but rarely triggered rule governing health breach notifications for non-HIPAA-covered health records. Specifically,...more
2/28/2022
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Digital Health ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Popular
The National Institutes of Health has issued a request for information (RFI) on its Genomic Data Sharing (GDS) Policy to help ensure it keeps pace with the evolving genomic research landscape. The RFI will help inform...more
A new Policy Statement from the US Federal Trade Commission places companies that offer consumer-facing health apps and connected health and wellness devices on notice that they may be covered by a Health Breach Notification...more
10/6/2021
/ American Recovery and Reinvestment Act ,
Application Programming Interface (APIs) ,
Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Mobile Health Apps ,
Policy Statement ,
Popular
The National Institute of Standards and Technology (NIST) is seeking public comment as it prepares to update its Introductory Resource Guide on implementing the Health Insurance Portability and Accountability Act (HIPAA)...more
There has been a significant development in the ongoing debate regarding the scope of the authority of the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) to issue penalties under the Health...more
HIPAA Privacy Rule changes that have the potential to significantly impact patients, covered entities, and business associates were proposed by the Department of Health and Human Services (HHS) in a Notice of Proposed...more
After a long hiatus, major league sports is making a successful return to the US. Intercollegiate sports too have returned in a limited fashion. There have been relatively few hiccups and the COVID-19 protocols implemented...more
Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on the Health Insurance Portability and...more
10/22/2019
/ Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
NIST ,
OCR ,
Personally Identifiable Information ,
PHI ,
Right of Access ,
Risk Assessment
In a dramatic turn, the US Department of Health and Human Services (HHS) has announced that effective immediately, penalties for many HIPAA violations will be subject to substantially reduced limits. ...more
The Department of Health and Human Services (HHS) announced a Request for Information (RFI) regarding how the HIPAA Privacy, Security, and Breach Notification Rules could be modified to reduce regulatory burdens and to...more
12/18/2018
/ Breach Notification Rule ,
Comment Period ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Notice of Privacy Practices ,
PHI ,
Privacy Rule ,
Regulatory Agenda ,
Regulatory Burden ,
Regulatory Oversight ,
Request For Information
Regulators provided key insights into enforcement trends and potential changes to HIPAA regulations at the 11th Annual “Safeguarding Health Information: Building Assurance Through HIPAA Security” conference in October...more
This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act.
The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences...more
10/8/2018
/ California Consumer Privacy Act (CCPA) ,
Clinical Trials ,
CMIA ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Exemptions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Life Sciences ,
Nonprofits ,
Personally Identifiable Information ,
Privacy Laws
“The number one issue on the minds of many CEOs and boards is cyberattacks and data breaches,” said Hogan Lovells partner Marcy Wilder. In this hoganlovells.com interview, Wilder discusses three key things health sector...more
8/7/2017
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
Personally Identifiable Information ,
Ransomware ,
Risk Management
New York AG Settles Data Protection Enforcement Against Mobile Health Apps -
After a year-long investigation into mobile health apps claiming to be able to measure vital signs or health indicators through smartphone...more
4/28/2017
/ App Developers ,
Cybersecurity Framework ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Financial Institutions ,
Food and Drug Administration (FDA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Insurance Industry ,
Marketing ,
Medical Devices ,
Misleading Statements ,
Mobile Health Apps ,
NYDFS ,
PHI ,
Popular ,
Regulatory Standards ,
Settlement ,
Smartphones