Since the privacy and security regulations were issued under the federal Health Insurance Portability and Accountability Act (HIPAA), critics pointed to the limitations on the reach of those rules. A critical limitation advanced by privacy advocates is that the popular health data privacy rule extends only to certain covered entities and their business associates, not
personal health information
Health App Alert: FTC Expands Scope Health Breach Notification Rule
The Federal Trade Commission (“FTC”) recently issued an important policy statement to health apps and other connected devices that collect or use consumers’ health information. The FTC’s policy statement effectively clarified the position that health apps and related connected devices are subject to the Health Breach Notification Rule (“the Rule”), which requires vendors of personal…
Vermont Court Finds Patient Can Sue Hospital and an Employee for Breach of Confidentiality
By Jason C. Gavejian & Maya Atrakchi on
Posted in Consumer Privacy, HIPAA
In a landmark ruling, the Vermont Supreme Court recently held that a patient had standing to sue both the hospital at which she was a patient and the employee who attended to her, for negligent disclosure of her personal health information to a third-party. Neither the Health Insurance Portability and Accountability Act (HIPAA) nor Vermont…