Lexology July 7, 2024
Hunton Andrews Kurth LLP

On June 20, 2024, the U.S. District Court for the Northern District of Texas Fort Worth Division ruled that guidance issued by the U.S. Department of Health and Human Services (“HHS”) relating to online tracking technologies exceeded HHS’ authority and ordered that it be vacated.

As previously reported, on December 1, 2022, HHS released a Bulletin on the obligations of HIPAA covered entities and business associates under the HIPAA Privacy, Security and Breach Notification Rules when using online tracking technologies. The Bulletin provided several hypotheticals that trigger HIPAA obligations, including when an online technology connects (1) an individual’s IP address with (2) a visit to a unauthenticated public webpage addressing specific health conditions or healthcare providers (the “Proscribed Combination”). The...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Apps, Digital Health, Govt Agencies, Health System / Hospital, HHS, HIPAA, Provider, Technology
Related Articles:
Scientists Fear What's Next for Public Health if RFK Jr. Is Allowed to 'Go Wild'
RFK Jr. nominated for HHS secretary. Who might he bring with him?
GAO: HHS falls short on healthcare cybersecurity
Support and Skepticism Emerge as Reactions to Robert F. Kennedy Jr’s HHS Nomination
What to know about HHS and how RFK Jr. could lead it

Share This Article