OCR reminder: HIPAA rules apply to online tracking technologies

Dec 02, 2022 - 03:04 PM

HIPAA-regulated entities are not permitted to use online tracking technologies in a manner that would result in impermissible disclosures of protected health information to tracking technology vendors or any other violation of the HIPAA rules, the Department of Health and Human Services’ Office for Civil Rights reminded covered entities and business associates in a bulletin yesterday.
 
“Providers, health plans, and HIPAA-regulated entities, including technology platforms, must follow the law,” said OCR Director Melanie Fontes Rainer. “This means considering the risks to patients’ health information when using tracking technologies. Our Bulletin answers questions for those using tracking technologies, importantly how to protect the privacy and security of the health information they hold.”
 

Related News Articles

Headline
CMS releases request for state applications for Cell and Gene Therapy Access Model targeting sickle cell disease 
The Centers for Medicare & Medicaid Services June 28 announced the request for state applications for the Cell and Gene Therapy Access Model. The CGT…
News
Judge rules in favor of AHA vacating HHS online tracking ‘bulletin’ as unlawful and beyond agency authority
A United States District Court Judge in Texas today ruled in favor of the AHA, Texas Hospital Association, and hospital plaintiffs, agreeing that Department of…
Headline
DOJ announces task force on health care monopolies and collusion
The Department of Justice May 9 announced the formation of a task force focusing on competition concerns in health care. The unit, the Task Force on Health…
Headline
ACHI releases new CHA Toolkit resources 
AHA’s Community Health Improvement network has added new resources to its Community Health Assessment Toolkit, including four new supplements focusing on how…
Headline
OCR finalizes rule prohibiting certain reproductive health care disclosures
The Department of Health & Human Services’ Office for Civil Rights April 22 released a final rule prohibiting entities regulated by the HIPAA Privacy Rule…
Headline
AHA blog counters myth that hospitals are not reporting enough data
“Imagine if the government required health insurance and drug companies to account for every dollar they spent, audit those data, and publicly report those…