On April 24, the Federal Trade Commission announced that it had finalized changes to its Health Breach Notification Rule - to address emerging technologies.
Specifically, the Rule was broadened to (1) apply to entities not currently subject to the Health Insurance Portability and Accountability Act, (2) clarify what a breach of security is, (3) expand notification methods, (4) impose additional requirements for the content of notifications, and (5) amend the timeframe for issuing required notifications to the FTC.
On Monday, the U.S. Department of Health and Human Services Office for Civil Rights issued updated guidance on the use of online tracking technologies by covered entities and business associates (here, referred to as “regulated entities”) under the Health Insurance Portability and Accountability Act Privacy Rule. The intent of the guidance is to provide regulated entities with considerations when using tracking technologies on their websites and mobile applications.
The Constangy Cyber Advisor posts regular updates on legislative developments, data privacy, and information security trends. Our blog posts are informed through the Constangy Cyber Team's experience managing thousands of data breaches, providing robust compliance advisory services, and consultation on complex data privacy and security litigation.
Subscribe
Contributors
- Suzie Allen
- John Babione
- Bert Bender
- Ansley Bryan
- Jason Cherry
- Christopher R. Deubert
- Maria Efaplomatidis
- Sebastian Fischer
- Laura Funk
- Lauren Godfrey
- Taren N. Greenidge
- Chasity Henry
- Julie Hess
- Sean Hoar
- Donna Maddux
- David McMillan
- Ashley L. Orler
- Todd Rowe
- Melissa J. Sachs
- Allen Sattler
- Brent Sedge
- Matthew Toldero
- Alyssa Watzman
- Aubrey Weaver
- Xuan Zhou