Lexology May 3, 2024
Freshfields Bruckhaus Deringer

On April 26, 2024, the Federal Trade Commission codified revisions to the Health Breach Notification Rule (“HBNR” or “Rule”). In recent years, the Commission has made clear through enforcement actions and policy statements that it takes an expansive view of the Rule’s scope. The revisions cement these policy positions by significantly broadening both the entities covered by the Rule and the activities that trigger the Rule’s notification obligations. Companies that offer websites, apps, or connected devices to assist users with health or wellness may need to revise their cybersecurity and privacy policies and procedures in light of these revisions.

The changes did not alter the Rule’s basic obligations – the HBNR ensures that entities not covered by the Health Insurance...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HIPAA, Provider, Technology
Related Articles:
Establishing trust in healthcare data security through accreditation | Viewpoint
EU action plan to make healthcare more resilient to cyber threats
The financial toll of the Change Healthcare hack: 7 numbers
The double-edged sword of AI and cybersecurity
Kristi Noem’s Bold Reset For CISA: A Return To Cybersecurity Duties

Share This Article