On March 18, 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance on the use of online tracking technology by covered entities regulated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and their business associates (together, “regulated entities”). While the updated guidance from OCR seems intended to clarify, and even narrow, the circumstances under which regulated entities’ use of websites and mobile app tracking technologies constitutes a disclosure of Protected Health Information (PHI), it fails to provide clarity on the exact scope, rendering compliance challenging. We summarize the updates to the guidance below and analyze briefly how these updates may impact the use of tracking technologies on unauthenticated and authenticated webpages, and what companies may explore in terms of compliance.Continue Reading OCR at HHS Updates Guidance on Use of Online Tracking Technology by HIPAA-Regulated Entities
technology
WSGR Event Recap: Online Advertising and Privacy—An Overview of Global Legal Developments
On May 22, 2019, WSGR and the Future of Privacy Forum (FPF) co-hosted an event focusing on advertising technology and how to overcome the challenges of complying with evolving global privacy requirements.
Jules Polonetsky from FPF opened the program, focusing on the evolution of online advertising, from contextual to programmatic behavioral advertising. WSGR attorneys Lydia Parnes, Cédric Burton, Libby Weingarten, and Lore Leitner discussed the legal regime that applies to this technology: new legal requirements, recent case law, and data protection authorities’ decisions affecting the ad tech ecosystem, as well as the differences between EU and U.S. legislation applying to ad tech.Continue Reading WSGR Event Recap: Online Advertising and Privacy—An Overview of Global Legal Developments