Lexology December 19, 2022
Hunton Andrews Kurth LLP

On December 1, 2022, the Office for Civil Rights at the U.S. Department of Health and Human Services (“HHS”) released a Bulletin on the obligations of HIPAA covered entities and business associates under the HIPAA Privacy, Security, and Breach Notification Rules when using online tracking technologies.

In the Bulletin, HHS warned, for example, that some HIPAA-regulated entities may be sharing electronic protected health information (“PHI”) with online tracking technology vendors in violation of the HIPAA Privacy Rule. Tracking technologies used by regulated entities may have access to PHI, such as an individual’s IP address, medical record number, home...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, Healthcare System, HHS, HIPAA, Privacy / Security, Provider
Related Articles:
Not 1, Not 2, but 6 Settlements
HIPAA Security Rule: Big Changes May Be Coming for Covered Entities & Business Associates
Perceived industry compliance failures prompt stringent proposed HIPAA Security Rule
Proposed Changes to the HIPAA Security Rule Will Have a Significant Impact on the Health Care Sector
HHS’ Proposed HIPAA Changes Are a Step in the Right Direction, But Some Providers May Struggle to Comply

Share This Article