Lexology May 3, 2024
Freshfields Bruckhaus Deringer

On April 26, 2024, the Federal Trade Commission codified revisions to the Health Breach Notification Rule (“HBNR” or “Rule”). In recent years, the Commission has made clear through enforcement actions and policy statements that it takes an expansive view of the Rule’s scope. The revisions cement these policy positions by significantly broadening both the entities covered by the Rule and the activities that trigger the Rule’s notification obligations. Companies that offer websites, apps, or connected devices to assist users with health or wellness may need to revise their cybersecurity and privacy policies and procedures in light of these revisions.

The changes did not alter the Rule’s basic obligations – the HBNR ensures that entities not covered by the Health Insurance...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HIPAA, Provider, Technology
Related Articles:
Feds warn of Ghost ransomware targeting healthcare
1 year later: The Change Healthcare cyberattack and its lasting impact on healthcare
A Proactive Blueprint For Modern Cybersecurity
FBI Says Backup Now—Advisory Warns Of Dangerous Ransomware Attacks
How A Security Incident Response Plan Saves Money In Case Of A Cyberattack

Share This Article