Lexology January 8, 2025
Reed Smith LLP

The use of third-party trackers to power data-driven marketing continues to present regulatory and class action risk for managed care organizations. A primary factor relating to increased risk for MCOs was the bulletin released by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), which described potential HIPAA noncompliance arising from the use of third-party trackers. In March 2024, OCR revised the bulletin, and part of it was vacated by a federal district court. But recent guidance from federal regulators indicates that risks remain. In light of this risk, managed care organizations should ensure they evaluate their use of third-party tracking technologies.

Why did OCR revise the bulletin?

The bulletin, originally released in December 2022,...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Govt Agencies, Healthcare System, HHS, HIPAA, Insurance, Payer, Privacy / Security, Provider
Related Articles:
23andMe is potentially selling more than just genetic data. Survey info is just as much a privacy problem
23andMe Bankruptcy Court Could Appoint A Privacy Ombudsman. Will It?
A Privacy-Preserving On-Device Design For Wearable AI
Ranked: Which AI Chatbots Collect the Most Data About You?
US Privacy Update: Where Things Stand at the Start of Q2 2025

Share This Article