Interested in training for your team? Click here to learn more

Consumer Privacy Laws and Healthcare Entities: Regulatory Updates, Covered Entities, Scope of HIPAA Exemptions

A live 90-minute CLE video webinar with interactive Q&A

This program is included with the Strafford CLE Pass. Click for more information.
This program is included with the Strafford All-Access Pass. Click for more information.

Tuesday, March 12, 2024 (in 12 days)

1:00pm-2:30pm EDT, 10:00am-11:30am PDT

or call 1-800-926-7926

This CLE webinar will guide healthcare practitioners through the rapidly evolving landscape of state consumer privacy laws and their impact on healthcare entities—regardless of whether the entities are regulated under HIPAA. The panel will provide an overview of the laws, including similarities, key differences, how and when relevant exemptions may apply, and best practices for compliance.

Description

With a number of states already having comprehensive privacy laws in effect, a few states with comprehensive privacy laws enacted and soon to be in effect, many states with consumer privacy laws soon-to-be-enacted, and additional states considering similar types of legislation, companies and counsel should be aware of how these laws will affect their businesses and the management of collected consumer data.

Companies that process health data should pay special attention because these laws contain nuanced exemptions for entities covered by HIPAA, often apply to entities that fall outside the purview of HIPAA, and create special obligations for entities that process “sensitive” data (which often includes various categories of health information). Such health data companies should also be aware of new laws specifically focused on regulating consumer health data (such as Washington’s My Health My Data Act) and increased focus and attention by the Federal Trade Commission on this issue.

The state laws in question have varying threshold requirements determining coverage. For example, some state laws only provide information-level exemptions for entities that process protected health information regulated under HIPAA (such as the California Consumer Privacy Act and the My Health My Data Act), while others provide entity-level exemptions for covered entities and business associates. Others only regulate certain categories of health information (such as diagnosis information), while others are much broader in scope.

It is important for companies that process health data to be aware of these differences as they develop their compliance programs. Companies that process health data that may fall outside of HIPAA, such as pharmaceutical manufacturers, medical device companies, and consumer-directed digital health companies, should pay particular attention to these issues.

Listen as our expert panel guides practitioners through the maze of current and upcoming consumer privacy laws and their impact on healthcare entities. The panel will provide an overview of the laws, including similarities, key differences, how and when relevant exemptions may apply, and best practices for compliance.

READ MORE

Outline

  1. Hot Topics – HIPAA and health care data
  2. Overview of key state consumer privacy laws currently in effect
    1. Impact on HIPAA-regulated entities
  3. Overview of key upcoming state consumer privacy laws
    1. Impact on HIPAA-regulated entities
  4. Enforcement and litigation trends involving health care data
  5. General compliance tips and considerations

Benefits

The panel will review these and other important considerations:

  • How are healthcare entities impacted by the current and soon-to-be enacted consumer privacy laws?
  • How will new consumer health data privacy laws further change the compliance landscape?
  • What exemptions are allowed for HIPAA-regulated covered entities and their business associates?
  • What role will FTC enforcement play for health data companies?
  • Where are the greatest risk areas for companies?
  • What are best practices for compliance?

Faculty

Davis, Audrey
Audrey Davis

Attorney
Epstein Becker & Green

Ms. Davis focuses her practice on healthcare compliance; telehealth and telemedicine; privacy, cybersecurity, and data...  |  Read More

Litten, Elizabeth
Elizabeth G. Litten

Partner, Chief Privacy & HIPAA Compliance Officer
Fox Rothschild

Ms. Litten serves as national and regional counsel to a wide range of healthcare related entities including hospital...  |  Read More

Nixon, Carly
Carly E. Nixon

Attorney
Fox Rothschild

Ms. Nixon advises clients on a range of privacy and data security matters, including preventing and responding to data...  |  Read More

Attend on March 12

Cannot Attend March 12?

You may pre-order a recording to listen at your convenience. Recordings are available 48 hours after the webinar. Strafford will process CLE credit for one person on each recording. All formats include course handouts.

To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Video

Download