The use of technology to provide healthcare has existed for decades; however, recent advances in technology and changes in reimbursement have increased the prevalence of telehealth for diagnosing and treating patients. Telehealth is an emerging and promising method of providing healthcare in areas where healthcare may be limited or unavailable. Telehealth provides quality, cost-effective healthcare … Continue Reading
On June 6, the 11th Circuit issued its long-awaited decision on LabMD Inc. v. Federal Trade Commission, vacating as unenforceable the Federal Trade Commission’s (FTC’s) cease and desist order that required LabMD to create and implement a variety of protective measures with respect to data security. Notably, however, the decision did not address the most … Continue Reading
On April 4, 2017, the Massachusetts Attorney General’s office announced that it had settled with a digital advertiser following allegations the company was using geolocation technology to target ads to women visiting reproductive health facilities. Although the company denied that it geofenced clinics in Massachusetts, the AG indicated that such targeting would violate the Massachusetts … Continue Reading
Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) recently agreed to enter into a $650,000 resolution agreement and a two-year corrective action plan (CAP) with the Office for Civil Rights (OCR). CHCS provides management and information technology services as a business associate to six nursing homes. The OCR settlement follows a finding that … Continue Reading
By couching its position in an individual’s right to access protected health information (PHI), beginning on January 7, 2016, the U.S. Department of Health & Human Services’ Office for Civil Rights (OCR) issued guidance to covered entities clarifying access to PHI set forth in the Health Insurance Portability and Accountability Act of 1996 (HIPAA). §45 … Continue Reading
Internet-based file-sharing services such as Dropbox and Google Drive can be easy and convenient to use, whether via the touch of an app on a mobile device or by opening a browser on a PC. Healthcare professionals are often tempted to use such services to store or share documents, since the stored documents can be … Continue Reading
North Dakota has amended its Notice of Security Breach for Personal Information statute, North Dakota Century Code Section 51-30 et seq., to expand the definition of “personal information” to include “medical information” and health insurance information.” Pursuant to the amended statute, “medical information” includes any information regarding an individual’s medical history, mental or physical condition, … Continue Reading
BakerHostetler’s Privacy and Data Protection Team has handled some of the largest and most complex privacy incidents and regulatory investigations in the healthcare industry. This Year in Review gives a summary of the team’s activity in 2012.… Continue Reading
The final rule is significant for any organization that is considered to be a HIPAA covered entity (“CE”) (health systems, health care providers, health plans, etc.) or the more broadly defined business associate (“BA”). During our initial analysis of the final rule, we note significant changes to the way a breach is defined and we … Continue Reading
The long awaited HIPAA/HITECH final rule is out. Please join Data Privacy Monitor contributors, Theodore J. Kobus III and Lynn Sessions for a webinar that will cover what stands out as big changes and how healthcare organizations need to prepare. Have the standards just been juggled or will healthcare organizations need to change their approach? A … Continue Reading