News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Register for free
Receive the CW newsletter and access CPE webcasts.
- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By Kyle Brasseur2023-07-21T16:15:00
The Federal Trade Commission (FTC) and Department of Health and Human Services sent letters to approximately 130 hospital systems and telehealth providers regarding potential patient privacy violations and security risks stemming from online tracking technologies.
The use of technology such as the Meta pixel code snippet or Google Analytics could “gather identifiable information about users, usually without their knowledge and in ways that are hard for users to avoid, as users interact with a website or mobile app,” said the agencies in a joint press release Thursday.
Unauthorized disclosure of an individual’s personal health information to third parties could violate the Health Insurance Portability and Accountability Act, while companies not covered by HIPAA still have a responsibility to protect against such disclosure under laws including the FTC Act and Health Breach Notification Rule, the agencies warned.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Register for free
Receive the CW newsletter and access CPE webcasts.
2024-06-12T02:05:00Z By Jeff Dale
The Department of Justice and Federal Trade Commission proposed telehealth company Cerebral pay a total of $7 million for its alleged sharing of patient data and deceptive business practices in violation of the FTC Act.
2024-04-26T18:49:00Z By Adrianne Appel
Mobile health applications and similar technologies must notify customers following a data breach or risk violating the Federal Trade Commission’s health breach notification rule.
2023-11-01T22:10:00Z By Kyle Brasseur
Doctors’ Management Service agreed to pay $100,000 in settling the first ransomware agreement under the Health Insurance Portability and Accountability Act reached by the Department of Health and Human Services’ Office for Civil Rights.
2024-07-26T19:18:00Z By Jeff Dale
RTX Corp., the parent company of Raytheon, disclosed in a public filing it has reserved $1.24 billion to resolve legacy legal matters with the Department of Justice, Securities and Exchange Commission, and Department of State.
2024-07-26T15:51:00Z By Aaron Nicodemus
The U.K. Financial Conduct Authority issued a fine of $4.5 million (3.5 million pounds) against a U.K.-based subsidiary of crypto platform Coinbase for providing services to high-risk customers in violation of FCA rules.
2024-07-26T13:36:00Z By Adrianne Appel
Admera Health agreed to pay more than $5.5 million to resolve allegations first brought by two whistleblowers that it paid kickbacks to third-party contractors, the Department of Justice said.
Site powered by Webvision Cloud