Lexology May 3, 2024
Freshfields Bruckhaus Deringer

On April 26, 2024, the Federal Trade Commission codified revisions to the Health Breach Notification Rule (“HBNR” or “Rule”). In recent years, the Commission has made clear through enforcement actions and policy statements that it takes an expansive view of the Rule’s scope. The revisions cement these policy positions by significantly broadening both the entities covered by the Rule and the activities that trigger the Rule’s notification obligations. Companies that offer websites, apps, or connected devices to assist users with health or wellness may need to revise their cybersecurity and privacy policies and procedures in light of these revisions.

The changes did not alter the Rule’s basic obligations – the HBNR ensures that entities not covered by the Health Insurance...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HIPAA, Provider, Technology
Related Articles:
A unified front: Cybersecurity's role in healthcare operations and patient safety | Viewpoint
3 leadership lessons we can learn from ethical hackers
Demonstrating Cybersecurity ROI: How To Get The C-Suite On Board With Zero Trust
Hospital cybersecurity spend to rise in 2025: 4 details
GAO: HHS falls short on healthcare cybersecurity

Share This Article