Lexology January 2, 2023
Jackson Lewis PC

Last month, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a bulletin with guidance concerning the use of online tracking technologies by covered entities and business associates under the Health Insurance Portability and Accountability Act (HIPAA). The OCR Bulletin follows a significant uptick in litigation concerning these technologies in industries including but not limited to the healthcare. For healthcare entities, the allegations relate to the sharing of patient data obtained from patient portals and websites.

THE OCR BULLETIN

A Few Reminders

Before digging into the OCR Bulletin, let’s remember a few basic HIPAA rules:

  • In general, the HIPAA privacy and security regulations (the “HIPAA rules”) apply only to “covered entities” and “business...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, Health System / Hospital, HHS, HIPAA, Provider
Related Articles:
Addressing The HIPAA Blind Spot For Crisis Pregnancy Centers
6 Important Takeaways for HIPAA Covered Entities and Business Associates from 2024 NIST HHS OCR Conference
HHS settles 2 ransomware investigations as attacks rise
Safeguarding Health Information: Takeaways from HHS and NIST 2024 HIPAA Security Conference
White House OMB is reviewing proposed cybersecurity updates to HIPAA

Share This Article