Lexology January 8, 2025
Reed Smith LLP

The use of third-party trackers to power data-driven marketing continues to present regulatory and class action risk for managed care organizations. A primary factor relating to increased risk for MCOs was the bulletin released by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), which described potential HIPAA noncompliance arising from the use of third-party trackers. In March 2024, OCR revised the bulletin, and part of it was vacated by a federal district court. But recent guidance from federal regulators indicates that risks remain. In light of this risk, managed care organizations should ensure they evaluate their use of third-party tracking technologies.

Why did OCR revise the bulletin?

The bulletin, originally released in December 2022,...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Govt Agencies, Healthcare System, HHS, HIPAA, Insurance, Payer, Privacy / Security, Provider
Related Articles:
China's Oppo taps Google for privacy AI push, taking a page from Apple's playbook
Bankruptcy, Genetic Information, and Privacy — Selling Personal Information
California’s Proposed Location Privacy Act: A Potential Game-Changer for Tracking Location of Individuals
New York’s Health Information Privacy Act: what you need to know
Patient Privacy at Risk: The Hidden Flaws in Healthcare Data De-Identification (And How to Fix Them)

Share This Article