Health Care Compliance Brief

Could the EU's decision against Meta affect data privacy policies in the U.S.?

Healthcare It News

JANUARY 6, 2023

Facebook parent company Meta this week was fined 390 million euros, or more than $414 million, by European Union regulators in a major decision around its online ad targeting and privacy policies. The decision regarding a separate complaint of privacy violations on WhatsApp has been delayed until later in the month.

HIPAA

HIPAA Compliance Hospitals

American Telemedicine Association Leaps Into Privacy and AI Policies

Healthcare IT Today

NOVEMBER 9, 2023

The computerization of daily life has evolved from a set of technical decisions to a matter of urgent public policy over the past few decades. The American Telemedicine Association (ATA) recently released two sets of principles that highlights its concerns in two prominent computing issues: privacy and AI.

Telemedicine

Telemedicine HIPAA COVID-19 FDA

Streamlining Your Dental Practice With the Right Privacy Policy

Compliancy Group

APRIL 3, 2024

This is one of the primary reasons dental practices have privacy and confidentiality policies: to protect patients’ private information and data. While most practices have privacy policies, many have difficulty keeping them current. A dental office privacy policy is needed to ensure ethical and legal compliance.

ADA

ADA Compliance HIPAA

Sharing hospital website user data with 3rd parties is common, study shows

Healthcare It News

APRIL 18, 2024

A new statistical analysis of 90 distinct hospital websites, drawn from a nationally representative sample of 100 community hospitals, finds that those providers – when they had privacy policies available for consumption – were inadequate in how they accurately disclosed the use of third-party tracking technologies to consumers.

Hospitals

Hospitals HIPAA

Impact of COVID-19 Privacy Policy Expiration

American Medical Compliance

JUNE 26, 2023

This privacy policy expiration carries significant implications for healthcare providers and emphasizes the importance of patient privacy. Implications of COVID-19 Privacy Policy Expiration During the COVID-19 pandemic, healthcare providers benefited from the flexibility provided by HIPAA enforcement discretion.

COVID-19

COVID-19 US Department of Health and Human Services HIPAA Compliance

Website Privacy Policies and HIPAA’s Notice of Privacy Practices

Total Medical ComplianceHIPAA

NOVEMBER 7, 2022

Websites typically have a privacy policy that outlines requirements like these which is usually available through a link at the bottom of the website. This kind of privacy policy applies to everyone who visits the website regardless of whether the visitor ever becomes a customer.

HIPAA

HIMSS policy leader discusses telehealth bill, EU privacy rules

Healthcare IT News - Telehealth

SEPTEMBER 16, 2022

Enterprise Taxonomy: Node settings: Exclude from Accelerate RSS feed

Nearly all hospital websites track visitors, but most don't specify who else is seeing users' data

Fierce Healthcare

APRIL 12, 2024

Nearly all hospitals’ websites collect and transmit user information to third parties, yet most do not have privacy policies that tell the visitors who exactly will be receiving those data, accordi | A recent study warns that many hospitals' user tracking and disclosure practices could open their organizations up to lawsuits.

Hospitals

State Genetic Privacy Statutes: Good Intentions, Unintended Consequences?

Bill of Health

AUGUST 10, 2023

By Christi Guerrini, David Gurney, Steve Kramer, CeCe Moore, Margaret Press, and Amy McGuire State legislators have enacted a flurry of genetic privacy bills that will strengthen the privacy and security practices of direct-to-consumer genetic testing companies and give customers more control over their data. Although U.S.

Informed Consent

Informed Consent ADA Compliance

Privacy Policies and Procedures for Small Healthcare Providers Under Scrutiny.

VW Health Care Law Blog

NOVEMBER 19, 2019

Although privacy incidents at the largest healthcare providers attract the most attention, The Department of Health and Human Services Office for Civil Rights enforcement (“OCR”) is actively investigating privacy and security incidents at small healthcare providers.

Combatting Elder Abuse in Long-Term Care: Challenges and Opportunities of Electronic Monitoring

Bill of Health

DECEMBER 18, 2023

The laws otherwise differ in a variety of ways, such as notice requirements, consent requirements/privacy, and availability of the recordings. Privacy is a critical concern in this area of regulation, with different approaches being taken by states.

Elder Abuse

Elder Abuse Nursing Homes Nurses Public Health

Health Systems Grapple with AI Governance: Balancing Promise and Risk

HIT Consultant

FEBRUARY 15, 2024

What You Should Know: – Despite the increasing adoption of artificial intelligence (AI) in healthcare, a new survey reveals that very few health systems have formal policies in place to govern its use, particularly for generative AI. The Need for Governance: Only 16% of surveyed health systems have a formal AI governance policy.

Governance

Your Patient Data Privacy Policy: Why It Matters (+ What to Include)

NCG Medical Blog

DECEMBER 30, 2022

Whether due to an internal attack, a cybersecurity hacker, accidentally publishing information, or something else, patient data privacy and security are of the utmost importance to ensure. The healthcare industry experienced the second-highest increase in cost-per-breach in 2020 – only second to the energy industry.

HITECH Compliance

AIHC

APRIL 10, 2024

Checklist for Individual & Small Group Practices Written by: Nancie Lee Cummins, CFE, CHA, CIFHA, OHCC, CHCM, CHCO, CORCM This article provides an overview of Health Information Technology for Economic and Clinical Health Act (HITECH) and basic checklist of policies and procedures for compliance of smaller health care organizations.

Compliance

Compliance US Department of Health and Human Services HIPAA Electronic Medical Records

Follow the (Medical) Record: Rita Bowen and The Sequoia Project

MRO Compliance

AUGUST 30, 2022

In this episode, host Don Hardwick interviews Rita Bowen, VP of Privacy, Compliance and HIM Policy at MRO, to learn more about how The Sequoia Project is aiming to identify, prioritize and collaborate on the most pressing challenges to nationwide health information sharing.

Compliance

ATA takes a national stance on how states treat consumer health data

Healthcare IT News - Telehealth

AUGUST 31, 2023

Following conversations in Washington and state capitals, the American Telemedicine Association published its new Health Data Privacy Principles this week. State laws and policies should also define consumer health data with the uniform language defined as protected health information under HIPAA, the group said in its announcement this week.

HIPAA

HIPAA COVID-19 Telemedicine Health Insurance

Senators intro bipartisan effort toward modernizing health privacy laws

Healthcare IT News - Telehealth

FEBRUARY 10, 2022

Senators Tammy Baldwin, D-Wisconsin, and Bill Cassidy, R-Louisiana, introduced the Health Data Use and Privacy Commission Act this week, aimed at starting the process of modernizing health data use and privacy policies. Recommendations on non-legislative solutions to individual health privacy concerns.

HIPAA

HIPAA Doctors Health Insurance Governance

AMA Issues 7 Principles for AI Development, Deployment, and Use

HIT Consultant

NOVEMBER 28, 2023

– Building upon current policy on AI, the principles serve as the cornerstone for AMA advocacy on AI and underscore the organization’s commitment to supporting the implementation of national governance policies that prioritize the development and deployment of AI in a manner that is ethical, equitable, responsible, and transparent.

Governance

Protecting the Consumer at the Heart of DTC Precision Medicine

Bill of Health

OCTOBER 27, 2023

By Adithi Iyer In my last piece , I discussed the hypothetical successor of 23andme — a tissue-based direct-to-consumer testing service I’ve called yourtissueandyou — and the promise and perils that it might bring in consumer health information and privacy. Some developments might reshape this dynamic, like health-specific state privacy laws.

HIPAA

HIPAA FDA Informed Consent Health Insurance

AHA says OCR's online tracking tool rules need to go

Healthcare It News

OCTOBER 3, 2023

"Congress should urge OCR to withdraw the rule immediately," AHA said in its response to a request for information on data privacy and HIPAA. "This rule is flawed as a matter of law and harmful as a matter of policy," the AHA asserted.

HIPAA

HIPAA Hospitals Nurses Public Health

HIPAA Policies and Procedures

HIPAA Journal

MARCH 7, 2022

The development, implementation, and enforcement of HIPAA policies and procedures is the cornerstone of HIPAA compliance. The requirement to develop, implement, and enforce HIPAA policies and procedures appears in the very first standard of the Administrative Requirements of the Privacy Rule ( 45 CFR § 164.530 ).

HIPAA

HIPAA Compliance

It’s Your Call – February 2024

Total Medical ComplianceHIPAA

FEBRUARY 9, 2024

Policies should be updated and reviewed with staff as needed. HIPAA: Are Sanctions Policies a HIPAA requirement? Yes, under both the privacy AND security rule, it is a requirement. Employees must be fever free for 24 hours without the use of a fever reducer and their symptoms must be improved.

COVID-19

COVID-19 HIPAA

Sensitive Data Requires Great Responsibility: The Importance of ‘Privacy and Security by Design’ in Healthcare

HIT Consultant

DECEMBER 22, 2023

For companies entrusted with managing and protecting patients’ personal information, ensuring the privacy of that data must be the highest priority. This approach aligns with the principle of data minimization, a key aspect of privacy regulations like the General Data Protection Regulation (GDPR) and HIPAA.

Compliance

Compliance Health Insurance HIPAA

Keeping Reproductive Patient Records Protected and Private

MRO Compliance

OCTOBER 28, 2022

Given recent guidance from the OCR, now is the time for HI professionals to hold internal discussions, revisit policies, refresh education, and build checklists to ensure the privacy of sensitive patient data related to reproductive health. October 28, 2022. Health IT Answers. Here are four steps to take now. View Full Article.

Beyond HIPAA: FTC’s Data Protection Authority Results in Settlement with Genetic Testing Company

Health Law Advisor

JUNE 29, 2023

which sells “DNA Health Test Kits” to consumers for health and ancestry insights—serves as a reminder that the FTC is increasingly exercising its consumer protection authority in the context of privacy and data protection. Alleged Privacy and Security Violations The FTC alleged 1Health.io The FTC’s settlement with 1Health.io

HIPAA

HIPAA Governance Health Insurance

HIPAA Compliance Guidelines

HIPAA Journal

JULY 15, 2023

Here is a summary of the elements, which we outline in more detail below: Develop policies and procedures so that day-to-day activities comply with the Privacy Rule. Designate a Privacy Officer and a Security Officer. Enforce sanctions policies fairly and equally. Implement effective training programs.

HIPAA

HIPAA Compliance Compliance Officers Licensing

Study: Popular women's health apps don't meet basic privacy, security standards

Mobi Health News

MAY 11, 2022

Only 16 displayed a privacy policy, and three collected data before consent. The researchers found 20 of the 23 apps reviewed shared data with third parties.

What is HIPAA Compliance in Healthcare?

MedTrainer

MARCH 8, 2024

This landmark legislation, enacted in 1996, pivoted the healthcare industry toward stringent data protection to help ensure patient privacy and foster trust. Security Rule: Complementary to the Privacy Rule, this rule applies specifically to electronic PHI. Download a free and ready-to-use HIPAA Breach Notification Policy.

HIPAA

HIPAA Compliance Electronic Medical Records Health Insurance

Asynchronous Telehealth & Patient Privacy

AIHC

FEBRUARY 7, 2024

This article provides a basic overview of Artificial Intelligence, Telehealth, Asynchronous Services and HIPAA privacy concerns. Medicaid policies on this issue vary from state to state. Address HIPAA and Privacy Concerns Technology considerations The telehealth platform you use should meet HIPAA requirements.

HIPAA

HIPAA Medicaid Medicaid Telemedicine

HIPAA Compliance for Email

HIPAA Journal

APRIL 5, 2024

Standards relevant to HIPAA compliance for email appear throughout the HIPAA Administrative Simplification Regulations – from the applicability and preemption standards of Part 160 (the General Requirements) to the privacy, security, and breach notification standards of Part 164.

HIPAA

HIPAA Compliance

FTC Fines Genetic Testing Company for Data Privacy and Security Failures

HIPAA Journal

JUNE 20, 2023

A San Francisco-based company that sells DNA test kits and personalized diet and exercise plans based on genetic testing has been fined $75,000 by the Federal Trade Commission (FTC) and ordered to make improvements to its data privacy and security practices. 1HEalth.io, which previously operated under the names Vitagene Inc. While 1HEalth.io

HIPAA

HIPAA Doctors

FTC Enforcement Action Against Company and CEO Provides Roadmap for Reasonable Data Security Measures

Wyatt Law Blog

NOVEMBER 8, 2022

The FTC recently took enforcement action against an online e-commerce company and its CEO for failing to implement data security policies and procedures to protect the personal information of consumers. Read about the FTC action in this post by Kathie McDonald-McClure, Partner on Wyatt’s Data Privacy & Cyber Security service team.

The 'internet of healthy things' poses unique privacy challenges

Healthcare IT News - Telehealth

AUGUST 17, 2021

Even as these devices have widened access, however, the "internet of healthy things" has also meant more potential privacy issues, explained experts in a HIMSS21 Global Conference Digital session available on demand this week. Pritts noted that HIPAA is quite broad – but it doesn't apply to the entirety of health IoT.

HIPAA

HIPAA COVID-19 Doctors

Understanding HIPAA’s Central Role in Healthcare

MedTrainer

FEBRUARY 19, 2024

This key legislation mandates the protection of patient privacy and the security of health information, affecting nearly every aspect of healthcare operations. The law is primarily concerned with protecting the privacy and security of patients’ protected health information (PHI).

HIPAA

HIPAA Compliance Health Insurance Governance

Set Yourself Up for Success: Preparing for an OCR Inspection in Healthcare

MedTrainer

OCTOBER 5, 2023

As a key member of your facility’s healthcare compliance programming, you understand the significance of regulatory compliance and the critical role it plays in ensuring the privacy and security of patient information. Your cooperation with the inspection entails ensuring your documents and policies are available and readily accessible.

HIPAA

HIPAA Compliance Regulatory Compliance ADA

Nevada Consumer Health Data Bill Signed into Law

HIPAA Journal

JUNE 28, 2023

The governor of Nevada recently signed a new consumer health data privacy bill into law that strengthens consumer health data privacy and gives Nevada residents new rights over their health data. Senate Bill (SB) 370 was modeled on Washington’s recently enacted “My Health, My Data (MHMD) bill, although is less comprehensive in scope.

HIPAA

HIPAA Health Insurance Public Health

HIPAA Compliance for Behavioral Health Billing

Medisys Compliance

APRIL 24, 2024

Introduction As a behavioral health provider, protecting your patients’ privacy must be your top priority. The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that safeguards the privacy of individuals’ health information, including mental health and substance abuse treatment records.

HIPAA

HIPAA Compliance Medical Billing Outsourcing Medical Billing

Expect More From HIPAA Proposed Changes: Easing Information Flow Shouldn’t Mean Reducing Health Data Privacy

Electronic Health Reporter

APRIL 29, 2021

By Deborah Hsieh, chief policy and strategy officer, Ciox Health. The article Expect More From HIPAA Proposed Changes: Easing Information Flow Shouldn’t Mean Reducing Health Data Privacy appeared first on electronichealthreporter.com. Congress enacted the Health Insurance Portability and Accountability Act (HIPAA) in 1996.

HIPAA

HIPAA Health Insurance

2023 New Year’s Resolution: Effectively Comply with New Comprehensive State Privacy Laws

Health Law Advisor

JANUARY 10, 2023

The California Privacy Rights Act (“ CPRA ”) and the Virginia Consumer Data Protection Act (“ VCPDA ”) are now effective in California and Virginia, respectively. These comprehensive data privacy laws, along with three other state laws going into effect this year, establish new and complex obligations for businesses.

Compliance

Compliance Governance

Asynchronous Telehealth & Patient Privacy

AIHC

FEBRUARY 7, 2024

This article provides a basic overview of Artificial Intelligence, Telehealth, Asynchronous Services and HIPAA privacy concerns. Medicaid policies on this issue vary from state to state. Address HIPAA and Privacy Concerns Technology considerations The telehealth platform you use should meet HIPAA requirements.

HIPAA

HIPAA Medicaid Medicaid Telemedicine

Study Explores How Medical Apps are Sending Health Data to Facebook and Others

HIPAA Journal

AUGUST 26, 2022

At least two lawsuits have been filed against healthcare providers over the privacy violations, and Novant Health has recently issued notifications to more than 1.3 million patients whose privacy was violated. Privacy Policies and Data Sharing Practices Differ.

HIPAA

HIPAA Health Insurance Hospitals

Video: Why HIPAA Compliance is Important for Healthcare Professionals

HIPAA Journal

MARCH 8, 2022

One of the objectives of HIPAA is to provide a federal floor of privacy protections for individuals´ identifiable health information held by Covered Entities. To achieve this objective, the Privacy and Security Rules imposes standards Covered Entities must comply with in order to protect the privacy of “Protected Health Information” (PHI).

HIPAA

HIPAA Compliance Health Outcomes

Health IT Leadership’s Role in Patient Data Security and Privacy

Healthcare IT Today

JANUARY 26, 2024

This leaves us with the big question of what role Health IT leadership plays in ensuring the security and privacy of patient data , and what strategies can leaders employ to address emerging cybersecurity threats. Healthcare security and privacy frameworks like HITRUST align best practices in establishing a baseline level of security.

Compliance

Compliance Ransomware

HITECH Compliance

AIHC

APRIL 10, 2024

Checklist for Individual & Small Group Practices Written by: Nancie Lee Cummins, CFE, CHA, CIFHA, OHCC, CHCM, CHCO, CORCM This article provides an overview of Health Information Technology for Economic and Clinical Health Act (HITECH) and basic checklist of policies and procedures for compliance of smaller health care organizations.

Compliance

Compliance US Department of Health and Human Services HIPAA Electronic Medical Records

Could the EU's decision against Meta affect data privacy policies in the U.S.?

American Telemedicine Association Leaps Into Privacy and AI Policies

Trending Sources

Streamlining Your Dental Practice With the Right Privacy Policy

Sharing hospital website user data with 3rd parties is common, study shows

Impact of COVID-19 Privacy Policy Expiration

Website Privacy Policies and HIPAA’s Notice of Privacy Practices

HIMSS policy leader discusses telehealth bill, EU privacy rules

Nearly all hospital websites track visitors, but most don't specify who else is seeing users' data

State Genetic Privacy Statutes: Good Intentions, Unintended Consequences?

Privacy Policies and Procedures for Small Healthcare Providers Under Scrutiny.

Combatting Elder Abuse in Long-Term Care: Challenges and Opportunities of Electronic Monitoring

Health Systems Grapple with AI Governance: Balancing Promise and Risk

Your Patient Data Privacy Policy: Why It Matters (+ What to Include)

HITECH Compliance

Follow the (Medical) Record: Rita Bowen and The Sequoia Project

ATA takes a national stance on how states treat consumer health data

Senators intro bipartisan effort toward modernizing health privacy laws

AMA Issues 7 Principles for AI Development, Deployment, and Use

Protecting the Consumer at the Heart of DTC Precision Medicine

AHA says OCR's online tracking tool rules need to go

HIPAA Policies and Procedures

It’s Your Call – February 2024

Sensitive Data Requires Great Responsibility: The Importance of ‘Privacy and Security by Design’ in Healthcare

Keeping Reproductive Patient Records Protected and Private

Beyond HIPAA: FTC’s Data Protection Authority Results in Settlement with Genetic Testing Company

HIPAA Compliance Guidelines

Study: Popular women's health apps don't meet basic privacy, security standards

What is HIPAA Compliance in Healthcare?

Asynchronous Telehealth & Patient Privacy

HIPAA Compliance for Email

FTC Fines Genetic Testing Company for Data Privacy and Security Failures

FTC Enforcement Action Against Company and CEO Provides Roadmap for Reasonable Data Security Measures

The 'internet of healthy things' poses unique privacy challenges

Understanding HIPAA’s Central Role in Healthcare

Set Yourself Up for Success: Preparing for an OCR Inspection in Healthcare

Nevada Consumer Health Data Bill Signed into Law

HIPAA Compliance for Behavioral Health Billing

Expect More From HIPAA Proposed Changes: Easing Information Flow Shouldn’t Mean Reducing Health Data Privacy

2023 New Year’s Resolution: Effectively Comply with New Comprehensive State Privacy Laws

Asynchronous Telehealth & Patient Privacy

Study Explores How Medical Apps are Sending Health Data to Facebook and Others

Video: Why HIPAA Compliance is Important for Healthcare Professionals

Health IT Leadership’s Role in Patient Data Security and Privacy

HITECH Compliance

Stay Connected