The Department of Health and Human Services’ Office for Civil Rights and Federal Trade Commission yesterday sent a letter to about 130 hospital systems and telehealth providers reminding them to comply with HIPAA Privacy, Security and Breach Notification Rules, the FTC Act and FTC Health Breach Notification Rule when using technologies that can track a user’s online activities, such as Meta/Facebook Pixel and Google Analytics.  
 
“Both agencies are closely watching developments in this area,” the letter states. “To the extent you are using the tracking technologies described in this letter on your website or app, we strongly encourage you to review the laws cited in this letter and take actions to protect the privacy and security of individuals’ health information.”
 
For more information, see the HHS press release.

Related News Articles

Headline
The AHA Oct. 6 released a Cybersecurity Advisory urging immediate action against a critical Oracle E-Business Suite vulnerability that is remotely exploitable…
Headline
The AHA has launched an enhanced Cybersecurity and Risk webpage designed to help health care organizations strengthen their defenses against emerging cyber and…
Headline
A Health-ISAC (Information Sharing and Analysis Center) bulletin released Oct. 1 warns of a recently released LockBit 5.0 ransomware variant that poses a…
Headline
Fernando Martinez, Ph.D., chief digital officer at the Texas Hospital Association, shares how Texas and the THA are building regional resilience through cyber…
Headline
The federal government shut down Oct. 1 following a failed Senate vote on the House-passed continuing resolution to fund the government by midnight Sept. 30.…
Headline
Microsoft Sept. 16 announced it had disrupted a growing phishing service that had targeted at least 20 U.S. health care organizations. The company said it used…