In December 2022, the Department of Health and Human Services’ Office for Civil Rights (OCR) released “guidance” on the use of tracking technologies, which took an overboard approach to the use of basic website analytics tools (2022 Guidance). Courts criticized OCR’s 2022 Guidance, and last fall, the American Hospital Association sued OCR, alleging agency overreach. […]
Category Archives: Health Privacy
Buckle up. The 42 CFR Part 2 enforcement ride is about to begin. In the 2020 CARES Act, Congress directed that the civil and criminal penalties under the Health Insurance Portability and Accountability Act (HIPAA) apply to the federal regulations protecting substance use disorder (SUD) records. The Department of Health and Human Services (HHS) issued […]
As discussed in Part I of this series, Congress amended the federal law protecting the confidentiality of substance use disorder (SUD) records as part of the 2020 CARES Act and directed the Department of Health and Human Services (HHS) to revise the related regulations at 42 CFR Part 2. Congress’s goal was to align the […]
In the 2020 Coronavirus Aid, Relief, and Economic Security Act (CARES Act), Congress amended the federal law protecting the confidentiality of substance use disorder (SUD) records to facilitate the coordination of care in an effort to combat the opioid epidemic. It also directed the Department of Health and Human Services (HHS) to revise the related […]
It’s been quite the year! Last year’s blog post on Connie was subject to five revisions between December and April, reflecting the challenges of gathering accurate information about Connecticut’s Health Information Exchange and its operation. Fortunately, there are some promising updates to share. Early 2023 The start of 2023 was marked by confusion and frustration […]
One year after Connecticut became the fifth state in the nation to adopt a consumer data privacy law, the state Legislature emerges again as a data privacy leader by adding protections for consumer health data and minors to the Connecticut Data Privacy Act (“CTDPA”). With unanimous votes in the state House and the Senate, An […]
On May 18, 2023, the day after the Federal Trade Commission (FTC) announced only its second enforcement action under the Health Breach Notification Rule (HBNR) in 13 years, it released proposed changes to “strengthen and modernize” the rule. Those proposed changes will substantially expand the scope of the HBNR. Congress, however, never intended that the […]
Earlier this year, we learned that the U.S. Department of Health & Human Services’ (HHS) Office for Civil Rights (OCR) would propose changes to HIPAA to protect reproductive health information in the wake of the 2022 Dobbs v. Jackson Women’s Health Organization decision. Since learning about the impending proposal, many of us speculated on OCR’s […]
Written in collaboration with Melissa Chaplik, JD Candidate 2024 The COVID-19 Public Health Emergency (PHE) is ending on May 11, 2023, and so are HIPAA compliance flexibilities for telehealth. Here’s to hoping that the first two episodes of Telehealth, Privacy and The Three Little Pigs inspired action. In the first episode, I warned: Telehealth is […]
No one likes receiving negative reviews on Yelp. But healthcare providers need to exercise better restraint than a dentist who will pay $23,000 to the Department of Health and Human Services’ Office for Civil Rights (OCR) to settle claims that his responsive posts violated HIPAA. OCR received a complaint that New Vision Dental (NVD) continuously […]
- 1
- 2