HIPAA

FTC takes first enforcement action under its Health Breach Notification Rule; also takes action against misrepresentation of HIPAA compliance

The FTC announced its first enforcement action under its Health Breach Notification Rule. This rule applies to entities that are not covered under HIPAA. The announcement of the proposed order was filed by the U.S. Department of Justice on behalf of the FTC against the “…telehealth and prescription drug discount provider GoodRx Holdings, Inc. for

How New Procedural Controls Using the Privacy Act of 1974 Can Improve the Protections of Reproductive Health Information Held by Federal Agencies

September 2022 By Robert Gellman and Pam Dixon Download this Report Executive Summary This report suggests specific procedural and substantive ways that the Executive Branch can revise implementation of the Privacy Act of 1974 to restrict and more carefully administer some disclosures of reproductive health information by federal agencies to federal, state, and local law

HIPAA and Reproductive Health: A companion FAQ to the Patient’s Guide to HIPAA

July 2022 Download a PDF The World Privacy Forum publishes and maintains A Patient’s Guide to HIPAA, which is a plain language explanation of how to use the law to guard your health privacy. This companion FAQ on HIPAA is focused on reproductive health privacy in response to the many questions we are receiving from

WPF urges HHS to clarify the harms of medical identity theft for victims

WPF has urged HHS to clarify the intersection between HIPAA compliance and harms resulting from medical identity theft in its response to the Request for Information from the Office of Civil Rights of the Department of Health and Human Services regarding implementation of the HITECH Act. WPF has a long history of work on the issue of medical identity theft, which has informed its response to HHS.