On April 17, 2023, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published its proposed rules to modify the Health Insurance Portability and Accountability Act (HIPAA). The proposed changes impact HIPAA’s... Read More
Last month, HHS Office for Civil Rights (“OCR”) announced that its COVID-19 related enforcement discretion regarding the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) will end on May 11, 2023, coinciding with the... Read More
Last month, Cerebral, Inc., notified the Department of Health and Human Services Office for Civil Rights (“OCR”), and issued a public notice, that nearly 3.2 million individuals may have been affected by a breach of data, including protected... Read More
In the wake of the Federal Trade Commission (“FTC”) enforcement action against GoodRx last month, the agency has issued another proposed consent order against virtual mental health platform BetterHelp on a similar basis. Namely, the... Read More
The Federal Trade Commission (“FTC”) recently enforced its Health Breach Notification Rule (“Rule”) for the very first time. The FTC issued a $1.5 million civil penalty to GoodRx and imposed restrictions on the company’s future handling of... Read More
The Office for Civil Rights (OCR) recently announced the resolution of eleven investigations in its Health Insurance Portability and Accountability Act (HIPAA) Right of Access Initiative, bringing the total number of enforcement actions to... Read More
The Office for Civil Rights (OCR) announced a settlement with Oklahoma State University – Center for Health Services (OSU-CHS) related to a hacking incident that compromised the protected health information (PHI) of 279,865 individuals. The... Read More
In 2021, the New Jersey Office of Attorney General (“NJAG”) entered into three settlement agreements with various healthcare entities over alleged violations of the Health Insurance Portability and Accountability Act (“HIPAA”). Of note, in... Read More
Recently, a media organization obtained the medical records of 281,000 patients from an individual who hacked a telemedicine platform. The platform specifically catered to patients seeking Ivermectin and Hydroxychloroquine prescriptions. The hack... Read More
Last week, the Federal Trade Commission (“FTC”) issued a policy statement that served to remind developers of apps, connected device manufacturers, and related entities of the applicability of the FTC’s Health Breach Notification Rule... Read More