Health IT Security December 2, 2022
Jill McKeon

Covered entities and business associates using tracking tech such as Google Analytics and Meta Pixel should pay close attention to whether PHI is being handled in accordance with HIPAA.

Following reports that patient data was transmitted to Facebook through the use of tracking technology on hospital websites and within password-protected patient portals, the HHS Office for Civil Rights (OCR) issued a bulletin outlining the dos and don’ts of using tracking tech as a HIPAA-covered entity or business associate.

Covered entities and business associates using tracking tools such as Google Analytics and Meta Pixel should pay close attention to their obligations under HIPAA, OCR noted.

“Regulated entities are not permitted to use tracking technologies in a manner that would result in...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Govt Agencies, Healthcare System, HHS, HIPAA, Patient / Consumer, Privacy / Security, Provider
Related Articles:
Patient Privacy at Risk: The Hidden Flaws in Healthcare Data De-Identification (And How to Fix Them)
New privacy screen protectors launched to help practices stay HIPAA compliant
2024 Privacy, AI & Cybersecurity Year in Review
European Commission Withdraws Draft Rules on Technology Patents, AI Liability and Consumer Privacy
EU pulls back – for the moment – on privacy and genAI liability compliance regulations

Share This Article