Health Privacy and Security Pulse
Welcome to The Crowell Health Privacy and Security Pulse! Covering issues related to the privacy and security of health data, including legislation, regulations, cases, regulatory guidance, enforcement actions, and health data breaches, we are your destination for insights and commentary on important developments in the world of health privacy and security and what they mean for you and your organization.
On December 13, 2023, the U.S. Department of Health and Human Services’ (HHS) Office of the National Coordinator for Health Information Technology (ONC) released the Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing (HTI-1) Final Rule.Continue Reading ONC Releases Final Rule on Information Blocking and Health IT Certification Program Updates, Including Requirements Related to AI
Health Privacy and Security Editors
On May 17, 2023, the Federal Trade Commission (“FTC”) announced an enforcement action (“Enforcement Action”) against Illinois-based Easy Healthcare Corporation (“Easy Healthcare”), which operates the Premom application, for allegedly violating…Continue Reading FTC Announces Enforcement Action Against Ovulation Tracking App Premom
On January 19, 2022, the U.S. Department of Health and Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) published the Trusted Exchange Framework and Common…Continue Reading ONC’s Trusted Exchange Framework and Common Agreement (TEFCA) Announces First Cohort of Participants
On March 2, 2023, the Federal Trade Commission (“FTC”) announced an enforcement action against California-based online counseling service BetterHelp, Inc. (“BetterHelp”) for allegedly sharing consumers’ health information, including sensitive information…Continue Reading FTC Enforcement Against Sharing Consumer Health Information Continues
On February 1, 2023, the Federal Trade Commission (“FTC”) announced an enforcement action (“Enforcement Action”) against California-based telehealth and prescription drug discount provider GoodRx Holdings, Inc. (“GoodRx”) for allegedly violating…Continue Reading FTC Imposes $1.5 Million Civil Penalty in First-of-Its-Kind Health Breach Notification Rule Enforcement Action
On November 9, the Department of Health and Human Services (HHS) issued a proposed rule to adopt updated versions of the retail pharmacy standards for electronic transactions adopted under the…Continue Reading HHS Issues Proposed HIPAA Rule to Adopt Updated Version of Retail Pharmacy Standards for Electronic Transactions
The Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) recently issued a bulletin to highlight the obligations of Health Insurance Portability and Accountability Act…Continue Reading HHS OCR Issues a Bulletin on HIPAA Requirements for Tracking Health Information When Using Online Technologies
Earlier this week, the United States Department of Health and Human Services (“HHS”) released a Notice of Proposed Rulemaking (“NPRM”) that proposes to make sweeping changes to regulations at 42…Continue Reading HHS Proposes Significant Amendments to Part 2 Regulations Governing the Confidentiality of Substance Use Disorder Records
The Biden Administration is taking action to support access to reproductive health care in response to the Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization. This is…Continue Reading Biden Acts to Protect Reproductive Health Care Services: Executive Order and Privacy Guidance
The Russia-Ukraine conflict is increasing the risk of ransomware attacks and other cyber threats for U.S. companies, and those in the health care industry may be targeted. In a recent…Continue Reading Increased Cyber Risk for Health Care Organizations Due to the Russia-Ukraine Conflict
On January 18, 2022, the U.S. Department of Health and Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) and the entity chosen as a contracting…Continue Reading ONC Releases a Framework for Nationwide Health Information Exchange
This article was originally published in Corporate Compliance Insights.
Both your company’s data supply chain and its physical version have fundamentally similar business risks. Given the consequences of unethical…Continue Reading Is Your Data Supply Chain Ethical? Don’t Restrict Due Diligence to Physical Operations.
On May 14, 2021, CMS published FAQs addressing questions that have been raised regarding the Interoperability and Patient Access final rule published May 2020. CMS is careful to note that…Continue Reading CMS Issues First FAQs on the CMS Interoperability and Patient Access Rule