Overview
In December 2022, the Office for Civil Rights (OCR) of the US Department of Health and Human Services issued a Bulletin that discusses the obligations of HIPAA covered entities and business associates when deploying online tracking technologies on their websites and mobile apps. The Bulletin has caused HIPAA-regulated entities to reassess when and how they collect personal information from patients and other users online.
Join a data privacy technology expert from Ankura Consulting and members of McDermott’s Healthcare and Global Privacy & Cybersecurity practices as they address the application of HIPAA to online tracking technologies and the OCR Bulletin.
Discussion topics will include:
- An explanation of cookies, pixels and other tracking technologies
- How to determine what information is collected through online tracking technologies
- When information collected online is HIPAA protected health information (PHI)
- HIPAA compliance obligations for tracking technologies processing PHI
- Risk of compromise assessments for unauthorized disclosures to tracking technology vendors
