Lexology January 8, 2025
Reed Smith LLP

The use of third-party trackers to power data-driven marketing continues to present regulatory and class action risk for managed care organizations. A primary factor relating to increased risk for MCOs was the bulletin released by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), which described potential HIPAA noncompliance arising from the use of third-party trackers. In March 2024, OCR revised the bulletin, and part of it was vacated by a federal district court. But recent guidance from federal regulators indicates that risks remain. In light of this risk, managed care organizations should ensure they evaluate their use of third-party tracking technologies.

Why did OCR revise the bulletin?

The bulletin, originally released in December 2022,...

Today's Sponsors

Venturous
ZeOmega

Today's Sponsor

Venturous

Continue Reading

 
Topics: Govt Agencies, Healthcare System, HHS, HIPAA, Insurance, Payer, Privacy / Security, Provider
Related Articles:
Data Privacy In A World Built To Collect Everything
Why Data Privacy Is A Strategic Imperative For Every Organization
"New Year, New You*! (* - Privacy Laws)
Updates to HIPAA Notice of Privacy Practices Required by February 16, 2026
Your Medical Privacy Could Be At Risk, A New Lawsuit Shows

Share Article