Lexology May 3, 2024
Freshfields Bruckhaus Deringer

On April 26, 2024, the Federal Trade Commission codified revisions to the Health Breach Notification Rule (“HBNR” or “Rule”). In recent years, the Commission has made clear through enforcement actions and policy statements that it takes an expansive view of the Rule’s scope. The revisions cement these policy positions by significantly broadening both the entities covered by the Rule and the activities that trigger the Rule’s notification obligations. Companies that offer websites, apps, or connected devices to assist users with health or wellness may need to revise their cybersecurity and privacy policies and procedures in light of these revisions.

The changes did not alter the Rule’s basic obligations – the HBNR ensures that entities not covered by the Health Insurance...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HIPAA, Provider, Technology
Related Articles:
AI raises CIO cyber anxieties
U.S. AI experts are being targeted in a suspected China-linked phishing attack
STAT+: Venture capitalist Bob Kocher on generative AI startups, Change Healthcare cyberattack
Expert warns about healthcare's cybersecurity weakness
Agencies issue guidance on mitigating cyberthreats with limited resources

Share This Article