Late last week, the Department of Health and Human Services (HHS) released its Model Attestation for use as required under its new final rule for the protection of reproductive health information. I explain the attestation requirement in section D of my blog post on the final rule. On June 18, 2024, I shared my sample […]
Category Archives: HIPAA
In Parts 1 and 2 in this series on the Pixel Problem, I review the original and revised guidance from the Department of Health and Human Services (HHS) on the Use of Tracking Technologies by HIPAA Covered Entities and Business Associates. I noted that HHS’s guidance, even as revised, went too far in determining what […]
On April 26, 2024, just one year after issuing its proposed rule, the Department of Health and Human Services (HHS) finalized changes to the HIPAA Privacy Rule on the protection of reproductive health information (Final Rule). In 91 pages of tiny font in the Federal Register, HHS addressed the 25,000 comments it received and ultimately […]
Within the last week, both chambers of the Connecticut Legislature passed Senate Bill 1, which includes provisions revising the law governing the Statewide Health Information Exchange known as Connie (sections 21-24). Once the Governor signs the bill, it will take effect on July 1, 2024. In summary, the bill makes clear that healthcare providers are […]
In December 2022, the Department of Health and Human Services’ Office for Civil Rights (OCR) released “guidance” on the use of tracking technologies, which took an overboard approach to the use of basic website analytics tools (2022 Guidance). Courts criticized OCR’s 2022 Guidance, and last fall, the American Hospital Association sued OCR, alleging agency overreach. […]
Buckle up. The 42 CFR Part 2 enforcement ride is about to begin. In the 2020 CARES Act, Congress directed that the civil and criminal penalties under the Health Insurance Portability and Accountability Act (HIPAA) apply to the federal regulations protecting substance use disorder (SUD) records. The Department of Health and Human Services (HHS) issued […]
As discussed in Part I of this series, Congress amended the federal law protecting the confidentiality of substance use disorder (SUD) records as part of the 2020 CARES Act and directed the Department of Health and Human Services (HHS) to revise the related regulations at 42 CFR Part 2. Congress’s goal was to align the […]
In the 2020 Coronavirus Aid, Relief, and Economic Security Act (CARES Act), Congress amended the federal law protecting the confidentiality of substance use disorder (SUD) records to facilitate the coordination of care in an effort to combat the opioid epidemic. It also directed the Department of Health and Human Services (HHS) to revise the related […]
The landscape of enforcement actions related to the Health Insurance Portability and Accountability Act (HIPAA) provides valuable insights into enforcement priorities, which can vary from year to year. In fact, 2023 was very different than 2022 (“The Year of the Dentist”). Specifically, in 2023, there was a notable decrease in patients’ right of access matters […]
In June 2022, several media outlets broke a story about hospitals using a website technology that caused patient data to be sent to Facebook known as Meta Pixel. Specifically, the investigation found that 33% of the top 100 hospitals tracked user activity tied to scheduling appointments and, because the hospitals used Meta Pixel technology on […]