Tracking Health Information Using Online Technologies: New OCR Guidance, HIPAA Obligations for Regulated Entities
A live 90-minute CLE video webinar with interactive Q&A
This CLE webinar will guide healthcare counsel on the use of tracking technologies by covered entities (CE) and business associates (BA). The panel will discuss the new U.S. Dept. of Health and Human Services Office for Civil Rights (OCR) guidance and the impact on how CEs and BAs use tracking technologies. The panel will offer best practices for healthcare entities in light of the guidance and to ensure HIPAA compliance.
Outline
- New OCR guidance
- Tracking technologies
- Usage considering regulatory activity
- Usage in light of litigation against CEs and BAs
- Best practices for complying with new guidance
Benefits
The panel will review these and other high risk issues:
- How does the OCR guidance define tracking technologies and when are they permitted and not permitted?
- What constitutes PHI for tracking purposes?
- What steps should CEs and BAs take to ensure HIPAA compliance?
Faculty

Ryan P. Blaney
Partner; Head of Global Privacy & Cybersecurity Group
Proskauer Rose
Mr. Blaney’s practice focuses on regulatory compliance, enforcement, litigation and transactions in the areas of... | Read More
Mr. Blaney’s practice focuses on regulatory compliance, enforcement, litigation and transactions in the areas of data privacy, cybersecurity, healthcare, and emerging technologies. He advises private equity, asset managers, healthcare, life sciences, retail and technology clients on privacy and cybersecurity compliance, cybersecurity incidents and government investigations, including acting as lead counsel in defending clients in regulatory investigations by HHS-OCR, DOJ, FTC, FCC and State Attorneys General. Mr. Blaney counsels clients on federal, state, and international privacy and security laws including California Consumer Privacy Act, EU GDPR, and HIPAA, among others. He has expertise counseling clients on emerging artificial intelligence, digital health, healthcare fraud and abuse, third-party reimbursement and FDA regulatory matters. He also has substantial experience in defending healthcare clients in False Claims Act qui tam matters and has obtained several declinations and dismissals
Close
Cory Brennan
Attorney
Hall Render Killian Heath & Lyman
Ms. Brennan concentrates her practice on information and clinical systems security. Providing over a decade of... | Read More
Ms. Brennan concentrates her practice on information and clinical systems security. Providing over a decade of experience in developing risk management strategies and implementing advanced technology solutions, she serves as a trusted partner to clients as they navigate their security needs. With extensive practical knowledge of healthcare information security and compliance standards, including HIPAA/HITECH, NIST and ISO, Ms. Brennan advises clients on all aspects of security and risk management strategies, including conducting risk assessments, incident and breach response, business continuity planning and governance development. Prior to joining the firm, she developed, improved and managed an effective organizational security and risk management program capable of meeting compliance standards and managing the demands of clinical operations for large organizations, including a multibillion-dollar healthcare system serving more than 2,600 sites across 21 states. Ms. Brennan is a member of the Healthcare Technology Leadership Council for the Association for the Advancement of Medical Instrumentation.
Close
Mark J. Swearingen
Attorney
Hall Render Killian Heath & Lyman
Mr. Swearingen has practiced in the area of health information privacy and security for over 20 years, with particular... | Read More
Mr. Swearingen has practiced in the area of health information privacy and security for over 20 years, with particular focus on HIPAA compliance, data breach response, government investigations, HIPAA audits and 42 C.F.R. Part 2. Since the HIPAA Breach Notification Rule was issued in 2009, he has handled a substantial number of healthcare data breaches, including cases involving ransomware, email phishing, lost/stolen devices, insider threats and medical devices. Mr. Swearingen regularly guides clients through government investigations of privacy and security incidents and has successfully negotiated resolutions and settlements with both federal and state agencies. He also advises clients on issues relating to emerging technologies, such as telemedicine, medical apps and artificial intelligence. He has worked with a broad spectrum of organizations, including health systems, hospitals, physician practices, health plans, governments, technology companies and business associates. Mr. Swearingen speaks and writes frequently, both regionally and nationally, on healthcare privacy and security matters.
Close