Health Care Privacy/HIPAA

Subscribe to Health Care Privacy/HIPAA via RSS

This New Year, California Imposes Guardrails on the Use of AI by Payors for Utilization Management Determinations

By Whitney Phelps, Jonian Rafti & Michael Menconi on December 23, 2024

SB 1120 (the “Bill”), which takes effect on January 1, 2025, amends existing California law to adopt guardrails around the use of artificial intelligence tools for the purpose of utilization management.[1] As discussed in a prior Proskauer alert, the Bill represents one of the latest attempts by the…

Shortly After its Online Tracking Technologies Bulletin is Declared Unlawful, HHS-OCR Stands Down, Withdraws Appeal

By Matthew J. Westbrook, Jonian Rafti, Anna W. Chan & Leslie Shanklin on September 27, 2024

On August 29, 2024, the Office for Civil Rights of the United States Department of Health and Human Services (“HHS-OCR”) withdrew its appeal of an order by the United States District Court for the Northern District of Texas’ (“District Court”) declaring unlawful and vacating a portion of an HHS-OCR Bulletin…

New HIPAA Requirements Place Additional Privacy Obligations on Covered Entities and Patients in an Effort to Protect Reproductive Health Care Information

By Whitney Phelps & Michael Menconi on June 21, 2024

On April 22, 2024, the Office for Civil Rights (OCR) for the United States Department of Health and Human Services issued a Final Rule amending the Privacy Rule of the Health Insurance Portability and Accountability Act (HIPAA). The Final Rule, which goes into effect on June 25, 2024, promulgates…

Another Resolution by DOJ Pursuant to its Civil Cyber-Fraud Initiative Highlights Continued Efforts to Hold Companies Accountable for Ensuring Data are Secured

By Matthew J. Westbrook & Ryan P. Blaney on June 5, 2023

We previously wrote about the United States Department of Justice’s (“DOJ”) Civil Cyber-Fraud Initiative (“CCFI”), which “aims to hold accountable entities or individuals that put U.S. information or systems at risk by knowingly providing deficient cybersecurity products or services, knowingly misrepresenting their cybersecurity practices or protocols, or knowingly violating obligations to monitor and report cybersecurity incidents and breaches.” In that post, we summarized DOJ’s first two False Claims Act (“FCA”) resolutions pursuant to the CCFI, which amounted to more than $9 million in recoveries.

Privacy Post-Dobbs

By Whitney Phelps & Angela Gichinga on July 8, 2022

Fifty years of legal precedent established by Roe v. Wade, 410 U.S. 113 (1973), and Planned Parenthood of Southern Pa. v. Casey, 505 U.S. 833 (1992), were overturned in Dobbs v. Jackson Women’s Health Organization, holding that the Constitution does not confer a right to abortion and leaving…

Federal Vaccination Tracking Raises Privacy Concerns

By Ryan P. Blaney & Krusheeta R. Patel on April 14, 2021

Although vaccine rollout began slowly in the United States, millions of people are now being vaccinated against COVID-19 per day. As individuals receive the vaccine, states have been collecting personal health data in individual immunization registries. Experts say this data collection is essential to effectively monitor vaccination progress, report adverse reactions, compare vaccine efficacy in cross sections of the population, and keep track of who needs second doses and when.

Health Care Law Brief