In December 2022, the Office for Civil Rights (OCR) of the US Department of Health and Human Services issued a Bulletin that discusses the obligations of HIPAA covered entities and business associates when deploying online tracking technologies on their websites and mobile apps. The Bulletin has caused HIPAA-regulated entities to reassess when and how they collect personal information from patients and other users online.

Join a data privacy technology expert from Ankura Consulting and members of McDermott’s Healthcare and Global Privacy & Cybersecurity practices as they address the application of HIPAA to online tracking technologies and the OCR Bulletin.

Discussion topics will include:

• An explanation of cookies, pixels and other tracking technologies
• How to determine what information is collected through online tracking technologies
• When information collected online is HIPAA protected health information (PHI)
• HIPAA compliance obligations for tracking technologies processing PHI
• Risk of compromise assessments for unauthorized disclosures to tracking technology vendors