Lexology December 19, 2022
Hunton Andrews Kurth LLP

On December 1, 2022, the Office for Civil Rights at the U.S. Department of Health and Human Services (“HHS”) released a Bulletin on the obligations of HIPAA covered entities and business associates under the HIPAA Privacy, Security, and Breach Notification Rules when using online tracking technologies.

In the Bulletin, HHS warned, for example, that some HIPAA-regulated entities may be sharing electronic protected health information (“PHI”) with online tracking technology vendors in violation of the HIPAA Privacy Rule. Tracking technologies used by regulated entities may have access to PHI, such as an individual’s IP address, medical record number, home...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, Healthcare System, HHS, HIPAA, Privacy / Security, Provider
Related Articles:
Addressing The HIPAA Blind Spot For Crisis Pregnancy Centers
6 Important Takeaways for HIPAA Covered Entities and Business Associates from 2024 NIST HHS OCR Conference
HHS settles 2 ransomware investigations as attacks rise
Safeguarding Health Information: Takeaways from HHS and NIST 2024 HIPAA Security Conference
White House OMB is reviewing proposed cybersecurity updates to HIPAA

Share This Article