Health and Human Services (“HHS”) released updated guidance yesterday on the use of online tracking technologies (like cookies, pixels, software development kits (SDKs), etc.) by HIPAA Covered Entities (the “Updated Guidance”). The Updated Guidance amends and supersedes HHS’s original guidance on the use of digital tracking technologies published on December 1, 2022 (the “Prior Guidance”). […]
Health Privacy
Washington AG’s Office Updates FAQs for My Health My Data Act
The Office of the Attorney General of Washington (the “AG”) has updated the Frequently Asked Questions (the “FAQs”) for the Washington My Health My Data Act (the “Act” or “Washington Act”) to provide guidance on the AG’s position concerning whether businesses must publish standalone consumer health data privacy policies under the Act. The update, first […]
Making (Brain) Waves: New Colorado Legislation Poised to Protect Privacy of Neural Data
Neurotechnology, like wearable EEG headbands and invasive brain implants, collects information from electrical nerve impulses and brain waves derived from your brain, spinal cord, or nervous system. This information, or neurodata, is valuable, unique, potentially individually identifiable, and has the potential to provide access to a person’s memories, biases, and intentions. (For more information, see […]
Why the New EU-U.S. Data Privacy Framework May Be Good News for Life Sciences Companies in the U.S.
BACKGROUND U.S.-based life sciences companies can be subject to the European Union (‘EU’) General Data Protection Regulation (‘GDPR’), even if they do not have any subsidiary, affiliate or other physical presence in the EU. This can be the case if, for example, a pharmaceutical or medical device company in the U.S. acts as a sponsor […]
HHS and FTC Fire a Warning Shot at Healthcare Companies Using Online Tracking Technologies
On July 20, 2023, the Office for Civil Rights (“OCR”) of the U.S. Department of Health and Human Services (“HHS”), and the Federal Trade Commission (“FTC”) published a joint letter sent to approximately 130 hospital systems and telehealth providers. The FTC/OCR letter warns that certain online tracking technologies that “may be present” on the recipients’ […]