Lexology January 8, 2025
Reed Smith LLP

The use of third-party trackers to power data-driven marketing continues to present regulatory and class action risk for managed care organizations. A primary factor relating to increased risk for MCOs was the bulletin released by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), which described potential HIPAA noncompliance arising from the use of third-party trackers. In March 2024, OCR revised the bulletin, and part of it was vacated by a federal district court. But recent guidance from federal regulators indicates that risks remain. In light of this risk, managed care organizations should ensure they evaluate their use of third-party tracking technologies.

Why did OCR revise the bulletin?

The bulletin, originally released in December 2022,...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

 
Topics: Govt Agencies, Healthcare System, HHS, HIPAA, Insurance, Payer, Privacy / Security, Provider
New privacy screen protectors launched to help practices stay HIPAA compliant
2024 Privacy, AI & Cybersecurity Year in Review
European Commission Withdraws Draft Rules on Technology Patents, AI Liability and Consumer Privacy
EU pulls back – for the moment – on privacy and genAI liability compliance regulations
Putting Part 2’s Data Privacy Protections into Play: 3 Key Considerations

Share This Article