In the wake of the Federal Trade Commission (“FTC”) enforcement action against GoodRx last month, the agency has issued another proposed consent order against virtual mental health platform BetterHelp on a similar basis. Namely, the... Read More
The Federal Trade Commission (“FTC”) recently enforced its Health Breach Notification Rule (“Rule”) for the very first time. The FTC issued a $1.5 million civil penalty to GoodRx and imposed restrictions on the company’s future handling of... Read More
The Office for Civil Rights (OCR) recently announced the resolution of eleven investigations in its Health Insurance Portability and Accountability Act (HIPAA) Right of Access Initiative, bringing the total number of enforcement actions to... Read More
The Office for Civil Rights (OCR) announced a settlement with Oklahoma State University – Center for Health Services (OSU-CHS) related to a hacking incident that compromised the protected health information (PHI) of 279,865 individuals. The... Read More
In 2021, the New Jersey Office of Attorney General (“NJAG”) entered into three settlement agreements with various healthcare entities over alleged violations of the Health Insurance Portability and Accountability Act (“HIPAA”). Of note, in... Read More
Recently, a media organization obtained the medical records of 281,000 patients from an individual who hacked a telemedicine platform. The platform specifically catered to patients seeking Ivermectin and Hydroxychloroquine prescriptions. The hack... Read More
Last week, the Federal Trade Commission (“FTC”) issued a policy statement that served to remind developers of apps, connected device manufacturers, and related entities of the applicability of the FTC’s Health Breach Notification Rule... Read More
This month, the Department of Health and Human Services, Office for Civil Rights (“OCR”), the agency tasked with enforcing the Health Insurance Portability and Accountability Act (“HIPAA”), issued its Summer 2021 Cybersecurity Newsletter.... Read More
The Whistleblower Exception protects a covered entity from being considered to have committed a breach if the whistleblower is a member of the covered entity’s workforce and is the victim of a crime. In a recent article in Relias Media called,... Read More
The Department of Health and Human Services Office for Civil Rights (“OCR”) continues to bring enforcement actions against entities it alleges have infringed on a patient’s right to timely access their records in violation of the Health... Read More