On June 24, 2025, Connecticut’s governor signed into law a public health act (the Act) that includes updates to the law governing the statewide health information exchange, commonly known as Connie. While these updates are less substantial than those enacted during the 2024 spring legislative session, they represent meaningful progress on issues that matter to […]
Category Archives: Health Privacy
On June 18, 2025, a federal district court in Texas vacated regulations providing protections for reproductive health information as part of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The court found that the Department of Health and Human Services (HHS) exceeded its authority and unlawfully limited state law, effectively eliminating the rule […]
As discussed in Part 1 of this series, there are important benefits to licensure compacts, but providers must understand that the benefits come with added compliance responsibilities. Providers who apply for cross-border licensure through PSYPACT, the Counseling Compact, and the Social Work Compact must comply with the laws and rules of the state where the […]
The demand for licensed behavioral health providers continues to outpace supply, leaving many individuals without timely access to care, especially in underserved and rural areas. To help bridge this gap, Connecticut has joined a growing number of states in adopting interstate licensure compacts for psychologists, professional counselors, and, most recently, clinical social workers. These compacts […]
Late last week, the Department of Health and Human Services (HHS) released its Model Attestation for use as required under its new final rule for the protection of reproductive health information. I explain the attestation requirement in section D of my blog post on the final rule. On June 18, 2024, I shared my sample […]
In Parts 1 and 2 in this series on the Pixel Problem, I review the original and revised guidance from the Department of Health and Human Services (HHS) on the Use of Tracking Technologies by HIPAA Covered Entities and Business Associates. I noted that HHS’s guidance, even as revised, went too far in determining what […]
On April 26, 2024, just one year after issuing its proposed rule, the Department of Health and Human Services (HHS) finalized changes to the HIPAA Privacy Rule on the protection of reproductive health information (Final Rule). In 91 pages of tiny font in the Federal Register, HHS addressed the 25,000 comments it received and ultimately […]
Within the last week, both chambers of the Connecticut Legislature passed Senate Bill 1, which includes provisions revising the law governing the Statewide Health Information Exchange known as Connie (sections 21-24). Once the Governor signs the bill, it will take effect on July 1, 2024. In summary, the bill makes clear that healthcare providers are […]
In December 2022, the Department of Health and Human Services’ Office for Civil Rights (OCR) released “guidance” on the use of tracking technologies, which took an overboard approach to the use of basic website analytics tools (2022 Guidance). Courts criticized OCR’s 2022 Guidance, and last fall, the American Hospital Association sued OCR, alleging agency overreach. […]
Buckle up. The 42 CFR Part 2 enforcement ride is about to begin. In the 2020 CARES Act, Congress directed that the civil and criminal penalties under the Health Insurance Portability and Accountability Act (HIPAA) apply to the federal regulations protecting substance use disorder (SUD) records. The Department of Health and Human Services (HHS) issued […]