Tracking Health Information Using Online Technologies: New OCR Guidance, HIPAA Obligations for Regulated Entities

A live 90-minute CLE video webinar with interactive Q&A

This program is included with the Strafford CLE Pass. Click for more information.
This program is included with the Strafford All-Access Pass. Click for more information.

Wednesday, March 1, 2023

1:00pm-2:30pm EST, 10:00am-11:30am PST

or call 1-800-926-7926

This CLE webinar will guide healthcare counsel on the use of tracking technologies by covered entities (CE) and business associates (BA). The panel will discuss the new U.S. Dept. of Health and Human Services Office for Civil Rights (OCR) guidance and the impact on how CEs and BAs use tracking technologies. The panel will offer best practices for healthcare entities in light of the guidance and to ensure HIPAA compliance.

Description

OCR issued guidance on the use of tracking technologies by CEs and BAs. The guidance highlights the HIPAA privacy and security obligations when CEs and BAs use online tracking technologies. An IP address is both an identifier and an individually identifiable health information when collected on a healthcare entity's website.

HIPAA applies when tracking technologies collect the email or IP address when the individual visits a CE's webpage to schedule appointments with his/her provider. OCR notes that this may apply when the website addresses specific symptoms or health conditions.

CEs should review and evaluate their relationships with tracking technology vendors to determine whether any data disclosed is protected health information (PHI) and whether the vendor is a BA. CEs also need to ensure HIPAA compliance regarding its disclosures with the vendors.

Listen as our authoritative panel of healthcare attorneys examines how the guidance impacts how CEs and BAs use tracking technologies and evaluate such usage considering the significant regulatory and litigation activity against CEs and BAs regarding their use of this technology. The panel will also offer best practices for healthcare entities in light of the guidance and to ensure HIPAA compliance.

READ MORE

Outline

  1. New OCR guidance
  2. Tracking technologies
    1. Usage considering regulatory activity
    2. Usage in light of litigation against CEs and BAs
  3. Best practices for complying with new guidance

Benefits

The panel will review these and other high risk issues:

  • How does the OCR guidance define tracking technologies and when are they permitted and not permitted?
  • What constitutes PHI for tracking purposes?
  • What steps should CEs and BAs take to ensure HIPAA compliance?

Faculty

Blaney, Ryan
Ryan P. Blaney

Partner; Head of Global Privacy & Cybersecurity Group
Proskauer Rose

Mr. Blaney’s practice focuses on regulatory compliance, enforcement, litigation and transactions in the areas of...  |  Read More

Brennan, Cory
Cory Brennan

Attorney
Hall Render Killian Heath & Lyman

Ms. Brennan concentrates her practice on information and clinical systems security. Providing over a decade of...  |  Read More

Swearingen, Mark
Mark J. Swearingen

Attorney
Hall Render Killian Heath & Lyman

Mr. Swearingen has practiced in the area of health information privacy and security for over 20 years, with particular...  |  Read More

Attend on March 1

Cannot Attend March 1?

You may pre-order a recording to listen at your convenience. Recordings are available 48 hours after the webinar. Strafford will process CLE credit for one person on each recording. All formats include course handouts.

To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Video

Download