Lexology January 2, 2023
Jackson Lewis PC

Last month, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a bulletin with guidance concerning the use of online tracking technologies by covered entities and business associates under the Health Insurance Portability and Accountability Act (HIPAA). The OCR Bulletin follows a significant uptick in litigation concerning these technologies in industries including but not limited to the healthcare. For healthcare entities, the allegations relate to the sharing of patient data obtained from patient portals and websites.

THE OCR BULLETIN

A Few Reminders

Before digging into the OCR Bulletin, let’s remember a few basic HIPAA rules:

  • In general, the HIPAA privacy and security regulations (the “HIPAA rules”) apply only to “covered entities” and “business...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, Health System / Hospital, HHS, HIPAA, Provider
Related Articles:
Not 1, Not 2, but 6 Settlements
HIPAA Security Rule: Big Changes May Be Coming for Covered Entities & Business Associates
Perceived industry compliance failures prompt stringent proposed HIPAA Security Rule
Proposed Changes to the HIPAA Security Rule Will Have a Significant Impact on the Health Care Sector
HHS’ Proposed HIPAA Changes Are a Step in the Right Direction, But Some Providers May Struggle to Comply

Share This Article