Bridget Steele, counsel, had her “HHS-OCR Cautions Health Care Providers to Confirm Their Website and Apps Are HIPAA-Compliant” article published in the June 2023 issue of the New York Beat, the monthly enewsletter from the New York Medical Group Management Association (NYMGMA). The article explores covered entities’ use of third-party tracking technologies on websites and mobile apps and their compliance with HIPAA.
“Because use of tracking technologies has become widespread, OCR has urged regulated entities to review their websites and mobile apps to ensure they collect information in a HIPAA-compliant manner.”
“[P]roviders’ compliance and IT teams should understand what tracking technologies are used and what types of data are collected and shared on their public-facing websites and mobile apps. In the event HIPAA applies to the information collected, then appropriate [business associate agreements] need to be in place, data should be collected securely in accordance with the HIPAA Rules, and any applicable website or app privacy policy needs to be consistent with requirements under HIPAA.”
Click here to read the full article.