HIPAA

For deidentification under the traditional laws like HIPAA, removal of identifiers qualifies.

That was a key facet of what I discussed last week on an anonymization panel during the IAPP

Continue Reading Deidentification vs Anonymization: What Is Enough?

Let’s review:

  • Health information is sensitive.
  • Sharing it with third parties for advertising is more sensitive.
  • Doing it behind a log-in where there is no expectation of such tracking?
  • You’re
Continue Reading A Class Action Lawsuit Claims a Health System Uses Meta Pixel on Its Website. What You Need to Know.

The Health Insurance Portability and Accountability Act of 1996 may be the most well-known privacy law in the United States, but it is also one of the most misunderstood.

Many

Continue Reading HIPAA Covers a Lot Less Than People Think. But Beware of Other US Privacy Laws.

Hey hospitals, retirement homes and clinics! If you are using biometrics to control medication dispensing systems, then Illinois’ Biometric Information Privacy Act then (BIPA) has news for you.

The use
Continue Reading Illinois’ Biometric Information Privacy Act Is Coming for Hospitals, Long-Term Care Providers

On the sixth day of CCPA the California Senate Health Committee gave to me … a HIPAA carve-out.

AB 713, reported favorably by the California Senate Health Committee, would expand
Continue Reading CA Senate Proposes Expanded CCPA Carve-Outs Related to HIPAA, Biomedical Research

A study shows that “92 percent of 36 mental health apps shared data with at least one third party — mostly services that help with marketing, advertising, or data analytics.”
Continue Reading Mental Health Apps Sharing Health Data Without Disclosure or Consent

Last week we posted about A Brief Primer on the NIST Cybersecurity Framework. Our partner and HIPAA/HITECH expert Elizabeth Litten took the NIST Cybersecurity Framework and created a blog post for the HIPAA, HITECH and Health Information Technology Blog on how How the NIST Cybersecurity Framework Can Help With HIPAA Compliance: 3 Tips. For those facing any HIPAA-related issues, it is a worthwhile read.
Continue Reading How the NIST Cybersecurity Framework Can Help With HIPAA Compliance: 3 Tips

I strongly urge every covered entity and business associate faced with a Business Associate Agreement that includes indemnification provisions to read Michael Kline’s “List of Considerations” before signing.  Michael’s list,
Continue Reading Michael Kline’s “List of Considerations” for Indemnification Provisions in Business Associate Agreements