Lexology March 20, 2024
Hogan Lovells

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance concerning compliance obligations for HIPAA covered entities and business associates using online tracking technologies. While revisions purport to provide some clarity on use of technologies on unauthenticated webpages, business associate relationships with vendors, and OCR’s enforcement priorities, the bigger tracker questions remain unchanged.

OCR recently updated guidance directed at HIPAA-regulated entities that use online tracking technologies, reminding those entities that use of such technology must comply with their obligations under the HIPAA Privacy, Security, and Breach Notification Rules (HIPAA Rules), providing clarification about enforcement priorities, adding examples of uses of these technologies, and narrowing some of the previously broad language about...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, Health System / Hospital, HHS, HIPAA, Provider
Related Articles:
Addressing The HIPAA Blind Spot For Crisis Pregnancy Centers
6 Important Takeaways for HIPAA Covered Entities and Business Associates from 2024 NIST HHS OCR Conference
HHS settles 2 ransomware investigations as attacks rise
Safeguarding Health Information: Takeaways from HHS and NIST 2024 HIPAA Security Conference
White House OMB is reviewing proposed cybersecurity updates to HIPAA

Share This Article