Carolyn Metnick

Subscribe to Carolyn Metnick's Posts
Carolyn V. Metnick represents a range of healthcare industry clients, including hospitals and health systems, physician organizations and digital health companies. She advises on healthcare regulatory and transactional matters with a focus on health information privacy and security. Carolyn advises clients on a range of privacy and security laws, including HIPAA and the California Consumer Privacy Act (CCPA). She also counsels businesses in data breach investigations and compliance with federal and state breach notification laws. Carolyn is a Certified Information Privacy Professional/United States (CIPP/US) and a Certified Information Privacy Professional/Europe (CIPP/E). Read Carolyn V. Metnick's full bio.

Navigating Data Privacy Questions Post-Dobbs

By , , , and on Aug 10, 2022
Posted In Digital Health, Employee Benefits, Health and Welfare Plans

The US Supreme Court’s recent decision to overturn Roe v. Wade in Dobbs v. Jackson Women’s Health Organization has raised many questions about potential efforts by law enforcement agencies to obtain data from healthcare and other service providers to detect the performance of a possibly unlawful abortion. For example, data collected by period-tracking apps, patients’...

Continue Reading

FTC Issues Policy Statement Expanding Interpretation of Health Breach Notification Rule’s Scope

By , and on Oct 13, 2021
Posted In Digital Health, Employee Benefits, Health and Welfare Plans, Privacy and Data Security

On September 15, 2021, the Federal Trade Commission (FTC) voted 3–2 along party lines (with Republican commissioners dissenting) to issue a policy statement announcing an expansive interpretation of the FTC’s Health Breach Notification Rule, 16 CFR Part 318 (the Rule). According to the policy statement, the Rule applies to health apps and connected devices that...

Continue Reading