Agencies warn hospitals, others about tracking technology compliance risks

Jul 21, 2023 - 02:28 PM
cybersecurity

The Department of Health and Human Services’ Office for Civil Rights and Federal Trade Commission yesterday sent a letter to about 130 hospital systems and telehealth providers reminding them to comply with HIPAA Privacy, Security and Breach Notification Rules, the FTC Act and FTC Health Breach Notification Rule when using technologies that can track a user’s online activities, such as Meta/Facebook Pixel and Google Analytics.  
 
“Both agencies are closely watching developments in this area,” the letter states. “To the extent you are using the tracking technologies described in this letter on your website or app, we strongly encourage you to review the laws cited in this letter and take actions to protect the privacy and security of individuals’ health information.”
 
For more information, see the HHS press release.

Related News Articles

Headline
AHA, other hospital groups urge UHG to formalize breach notification plans following Change Healthcare cyberattack 
The AHA and other national hospital groups May 8 sent a letter to UnitedHealth Group, urging the organization to formally accept responsibility for issuing…
Headline
CISA extends comment period for proposed rule on cyber incident reporting
The Cybersecurity and Infrastructure Security Agency May 3 extended the comment period to July 3 for the April 4 proposed rule that would implement cyber…
Headline
White House releases critical infrastructure memo empowering CISA to strengthen health care security 
The Biden Administration April 30 released a memo announcing updated critical infrastructure protection requirements, which include the Cybersecurity &…
Headline
Agencies issue cyber advisory on North Korean spear phishing efforts 
The FBI, State Department and National Security Agency issued a warning about attempts by North Korean state-sponsored cyberthreat actors to exploit improperly…
Headline
Lawmakers grill UHG CEO at hearings following Change Healthcare cyberattack
Senate and House lawmakers May 1 grilled UnitedHealth Group CEO Andrew Witty about the continued fallout from the Feb. 22 cyberattack on Change Healthcare —…
Headline
AHA advertorial: Is UnitedHealth Group ‘Too Big To Fail’? 
“If you are asking yourself how a cyberattack on a single company could cause such massive damage, you are asking the right question,” an AHA advertorial in…