Lexology May 4, 2023
Troutman Pepper

Online Tracking Technologies and HIPAA. In December 2022, the Department of Health and Human Services Office for Civil Rights (OCR) published a bulletin on the use of online tracking technologies (e.g., cookies or web beacons) by entities regulated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Specifically, the OCR noted:

  • In the course of gathering data, these online tracking technologies may collect protected health information (PHI); and

  • The collection or analysis of the data may involve unauthorized disclosures of PHI to third-party tracking technology vendors or other related third-party vendors.

Most importantly, the OCR indicated that individually identifiable health information (IIHI) collected on a regulated entity’s (i.e., a covered entity’s or...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Govt Agencies, Healthcare System, HHS, HIPAA, Patient / Consumer, Privacy / Security, Provider
Related Articles:
Patient Privacy at Risk: The Hidden Flaws in Healthcare Data De-Identification (And How to Fix Them)
New privacy screen protectors launched to help practices stay HIPAA compliant
2024 Privacy, AI & Cybersecurity Year in Review
European Commission Withdraws Draft Rules on Technology Patents, AI Liability and Consumer Privacy
EU pulls back – for the moment – on privacy and genAI liability compliance regulations

Share This Article