The Department of Health and Human Services’ Office for Civil Rights and Federal Trade Commission yesterday sent a letter to about 130 hospital systems and telehealth providers reminding them to comply with HIPAA Privacy, Security and Breach Notification Rules, the FTC Act and FTC Health Breach Notification Rule when using technologies that can track a user’s online activities, such as Meta/Facebook Pixel and Google Analytics.  
 
“Both agencies are closely watching developments in this area,” the letter states. “To the extent you are using the tracking technologies described in this letter on your website or app, we strongly encourage you to review the laws cited in this letter and take actions to protect the privacy and security of individuals’ health information.”
 
For more information, see the HHS press release.

Related News Articles

Perspective
Even prior to the pandemic, the biggest questions facing health care providers were: Where is our field headed? And, how can we continue to innovate and…
Headline
The Department of Health and Human Services Dec. 6 released a concept paper outlining its cybersecurity strategy for the health care sector, which builds…
Headline
Health care and other organizations that operate Unitronics Programmable Logic Controllers should protect the devices from potential compromise through default…
Headline
A Russian national Dec. 4 pleaded guilty to his role in developing and deploying a suite of malware tools known as Trickbot, used to launch ransomware attacks…
Headline
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center is urging hospitals and other critical infrastructure to take…
Headline
Cyber actors attacking the Okta Help Center customer support management system in October downloaded a report containing the names and email addresses of all…