HIPAA-regulated entities are not permitted to use online tracking technologies in a manner that would result in impermissible disclosures of protected health information to tracking technology vendors or any other violation of the HIPAA rules, the Department of Health and Human Services’ Office for Civil Rights reminded covered entities and business associates in a bulletin yesterday.
 
“Providers, health plans, and HIPAA-regulated entities, including technology platforms, must follow the law,” said OCR Director Melanie Fontes Rainer. “This means considering the risks to patients’ health information when using tracking technologies. Our Bulletin answers questions for those using tracking technologies, importantly how to protect the privacy and security of the health information they hold.”
 

Related News Articles

Headline
U.S. and international cybersecurity authorities this week released additional guidance to help health care and other critical infrastructure leaders defend…
Headline
AHA experts discuss how ChatGPT and artificial intelligence are transforming health care data analytics and some of the potential pitfalls. LISTEN NOW 
Headline
AHA and the Institute for Diversity and Health Equity Feb. 28 released the third of its five-part DEI Data Insights series, which highlights results from the…
Headline
President Biden Feb. 28 directed the Department of Justice to issue regulations to protect personal health and other data from countries known to collect and…
Headline
Senate Health, Education, Labor & Pensions Committee Ranking Member Bill Cassidy, R-La., Feb. 21 released a report proposing ways to modernize the existing…
Headline
The National Institute of Standards and Technology this week released updated guidance to help HIPAA-covered entities and business associates assess and manage…