HIPAA-regulated entities are not permitted to use online tracking technologies in a manner that would result in impermissible disclosures of protected health information to tracking technology vendors or any other violation of the HIPAA rules, the Department of Health and Human Services’ Office for Civil Rights reminded covered entities and business associates in a bulletin yesterday.
 
“Providers, health plans, and HIPAA-regulated entities, including technology platforms, must follow the law,” said OCR Director Melanie Fontes Rainer. “This means considering the risks to patients’ health information when using tracking technologies. Our Bulletin answers questions for those using tracking technologies, importantly how to protect the privacy and security of the health information they hold.”
 

Related News Articles

Headline
The Federal Trade Commission June 8 released for public comment a notice of proposed changes to breach notification requirements for entities that collect…
Headline
The Department of Health and Human Services’ Office for Civil Rights should finalize its proposed “commonsense” amendments to the HIPAA Privacy Rule to support…
Headline
After the COVID-19 public health emergency ends on May 11, the Centers for Disease Control and Prevention will use COVID-19-associated hospital admission…
Headline
The Department of Health & Human Services’ Office for Civil Rights today released a proposed rule that would prohibit entities regulated by the HIPAA…
Headline
The Health Resources and Services Administration today released 2017-2022 Organ Procurement and Transplantation Network data on the number of organ donors…
Headline
The Department of Health and Human Services should adopt its proposed standard for claims attachments to help improve claims processing and eliminate…