Lexology March 28, 2024
McCarter & English LLP

On March 18, 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services updated its bulletin on the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates. The bulletin emphasizes that regulated entities are not permitted to use tracking technologies for impermissible disclosures of protected health information (PHI) to tracking technology vendors or for any other violations of the HIPAA Rules.

The bulletin describes tracking technology as a script or code on a website or mobile app used to gather information about users or their actions as they interact with a website or mobile app. It identifies three places where entities may be using tracking technology: (1) user-authenticated pages (e.g., a...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, HHS, HIPAA, Provider
Related Articles:
New privacy screen protectors launched to help practices stay HIPAA compliant
Home-Based Care Providers Vulnerable to HIPAA Compliance Issues
HHS tightens HIPAA as healthcare cyberattacks increase
HHS Publishes Notice of Proposed Rulemaking to Amend HIPAA Security Rule Requirements - Comments Due March 7, 2025
HIPAA Compliance: 3 Strategies for Implementing Multilingual Healthcare Delivery

Share This Article