OPC-Funded Study Calls for Stricter Data Privacy Regulation of Commercial Virtual Healthcare Services in Canada

Guest blog: California expands scope of Confidentiality of Medical Information Act, strengthening protections for mental health information exchanged through digital health applications

In Fall 2022, the Office of the Privacy Commissioner of Canada (OPC) published a study it had funded on the privacy implications of direct-to-patient commercial virtual care platforms (VCPs) in Canada, technologies that allow healthcare practitioners to provide healthcare services to patients remotely. While the study does not constitute binding law or guidance, it is … Read more

Proposed Changes to Confidentiality of Substance Use Disorder Patient Records Rules Would Support Better Care, Decrease Stigma, and Penalize Violators

Guest blog: California expands scope of Confidentiality of Medical Information Act, strengthening protections for mental health information exchanged through digital health applications

Amid the ongoing proliferation of headlines about the mental health crisis in the United States, of which substance use disorder is a large part, the recent issuance by the US Department of Health and Human Services (HHS) of proposed changes to the Confidentiality of Substance Use Disorder Patient Records under 42 CFR part 2 (Part … Read more

Getting Healthcare in 2023 and Beyond…Virtually…and Securely

Guest blog: California expands scope of Confidentiality of Medical Information Act, strengthening protections for mental health information exchanged through digital health applications

Much is being written about “remote work” – is it productive, will demand for it continue or be curtailed in a recession, is cybersecurity compromised, does it inhibit workplace culture, collaboration, etc. Lots of questions, few clear answers. The discussion seems largely centered on office workers, professional service providers like me, who generally can perform … Read more

Cookies and Other Tracking Technologies May Violate HIPAA

Guest blog: California expands scope of Confidentiality of Medical Information Act, strengthening protections for mental health information exchanged through digital health applications

New Guidance from OCR Presents Challenges for HIPAA-Regulated Entities In the midst of significant privacy changes in many US states affecting tracking technologies such as cookies, pixels, and adtech, new lawsuits are alleging entities violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) via impermissible disclosure of health protected information due to the … Read more

HIPAA Regulated Entities: Website or App Tracking Technologies, Pixels Can Create Significant Compliance and Litigation Risks

Guest blog: California expands scope of Confidentiality of Medical Information Act, strengthening protections for mental health information exchanged through digital health applications

Last month, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a bulletin with guidance concerning the use of online tracking technologies by covered entities and business associates under the Health Insurance Portability and Accountability Act (HIPAA). . The OCR Bulletin follows a significant uptick in litigation concerning these … Read more

The New and the Familiar: Changes to Health Information – Part 2

Guest blog: California expands scope of Confidentiality of Medical Information Act, strengthening protections for mental health information exchanged through digital health applications

As we discussed in our previous bulletin, the purpose of Bill 3, An Act respecting health and social services information and amending various legislative provisions (“Bill 3”)[1] is to establish a legal framework specific to health and social services information in order to facilitate a safer and more seamless flow of such information, all in … Read more

Data Protection within the scope of Employment Relations

Guest blog: California expands scope of Confidentiality of Medical Information Act, strengthening protections for mental health information exchanged through digital health applications

Employee personal data has always been important, but the pandemic exacerbated discussions on how such data can be processed by the employer in Turkish law. Employers operating in Turkey must configure their data processing activities as per the requirements of the Personal Data Protection Law no. 6698 (“PDPL”) in force in Turkey since 2016. This … Read more

The New and the Familiar: Changes to Health Information – Part 1

Guest blog: California expands scope of Confidentiality of Medical Information Act, strengthening protections for mental health information exchanged through digital health applications

The purpose of Bill 3, An Act respecting health and social services information and amending various legislative provisions (“Bill 3”)[1] is to establish a legal framework specific to health and social services information in order to facilitate a safer and more seamless flow of such information, all in the same legislation. Specifically, the idea is … Read more

10 Things Providers Should Know About California’s Data Exchange Framework

Guest blog: California expands scope of Confidentiality of Medical Information Act, strengthening protections for mental health information exchanged through digital health applications

By January 31, 2023, general acute care hospitals, clinical labs and certain physician organizations and medical groups in California are required to enter into the Single Data Sharing Agreement (DSA) to participate in the California Health and Human Services Agency (CalHHS) Data Exchange. Framework (DxF). California Health and Safety Code § 130290 (adopted as part … Read more

Data protection: ICO publishes draft guidance on handling information about workers’ health

Guest blog: California expands scope of Confidentiality of Medical Information Act, strengthening protections for mental health information exchanged through digital health applications

The ICO has published draft guidance on handling information about workers’ health which is open for consultation until 26 January 2023. THE FACTS As part of its wider initiative to update the Employment Practices Data Protection Code, the Information Commissioner’s Office has released draft guidance on handling information about workers’ health. The guidance, when finalised, … Read more