HIPAA Archives - EMPLOYEE BENEFITS BLOG

Navigating Data Privacy Questions Post-Dobbs

By Scott Weinstein, Jayda Greco, David Quinn Gacioch, Daniel F. Gottlieb and Carolyn Metnick on Aug 10, 2022
Posted In Digital Health, Employee Benefits, Health and Welfare Plans

The US Supreme Court’s recent decision to overturn Roe v. Wade in Dobbs v. Jackson Women’s Health Organization has raised many questions about potential efforts by law enforcement agencies to obtain data from healthcare and other service providers to detect the performance of a possibly unlawful abortion. For example, data collected by period-tracking apps, patients’ self-reported symptoms, or diagnostic-testing results might be used to establish the timeframe in which an individual became pregnant, and then demonstrate that a pregnancy was terminated, as part of investigative or enforcement efforts against individuals or organizations allegedly involved in such termination.

On June 29, 2022, the office within the US Department of Health and Human Services (HHS) that is responsible for enforcing the Health Insurance Portability and Accountability Act (HIPAA), the Office for Civil Rights (OCR), issued guidance addressing how HIPAA limits disclosures by covered entities and business associates to law enforcement agencies in the absence of a court order or other legal mandate. The guidance provides helpful insight on how OCR may use HIPAA enforcement to discourage unauthorized disclosures of protected health information (PHI) to law enforcement officials in the wake of new state laws outlawing abortion. The guidance also implicitly confirms, however, that HIPAA does not provide a complete shield against law enforcement and litigation-driven requests for abortion-related information.

FTC Issues Policy Statement Expanding Interpretation of Health Breach Notification Rule’s Scope

By Carolyn Metnick, Edward G. Zacharias and Sam Siegfried on Oct 13, 2021
Posted In Digital Health, Employee Benefits, Health and Welfare Plans, Privacy and Data Security

On September 15, 2021, the Federal Trade Commission (FTC) voted 3–2 along party lines (with Republican commissioners dissenting) to issue a policy statement announcing an expansive interpretation of the FTC’s Health Breach Notification Rule, 16 CFR Part 318 (the Rule). According to the policy statement, the Rule applies to health apps and connected devices that are not subject to the Health Insurance Portability and Accountability Act (HIPAA) but are capable of drawing information from multiple sources—for example, through a combination of consumer inputs and application programming interfaces (APIs).

Protecting the Telehealth Consumer: FTC and State-Based Considerations

By Jiayan Chen on Sep 21, 2021
Posted In Digital Health, Employee Benefits, Health and Welfare Plans, Privacy and Data Security

Telemedicine in the United States is facing an important crossroads. While telehealth services have demonstrated their value as an integral part of care delivery, federal and state waivers instituted during the COVID-19 pandemic are likely to expire soon. As lawmakers and agency officials consider updated or expanded digital health rules, regulators are expected to intensify their scrutiny of providers.

In this webinar, McDermott partners Jiayan Chen and Brian J. Boyle explore consumer protections for telehealth consumers, including the following:

Privacy considerations beyond the Health Insurance Portability and Accountability Act of 1996, including Federal Trade Commission requirements;
How to prepare for the Health Breach Notification Rule;
The ins and outs of advertising telehealth, including claims, endorsements and social media;
Strategies for engaging with users in the digital environment; and
Increased fraud enforcement.

Access the webinar.

COVID-19 Vaccine Q&A

By Joseph K. Mulherin, Kathleen Quinn, Troy Van Dongen and McDermott Will & Emery on Jul 7, 2021
Posted In Employee Benefits, Employment, Health and Welfare Plans

Can employers mandate some employees get the vaccine and not others? Is there an obligation to consider requiring a COVID-19 test before coming back to work? What are the potential workers’ compensation claims relating to possible adverse reactions to a vaccine? Should employers mandate vaccinations?

In this article, McDermott partners Carole Spink, Joseph Mulherin, Kathleen Quinn and Troy Van Dongen answer common employer questions about the COVID-19 vaccine.

Access the article.

VIDEO: Transfers of Health Data from the European Union to the United States in a Post-Schrems II World

By Amy C. Pimentel and Romain Perray on May 27, 2021
Posted In Employee Benefits, Health and Welfare Plans, Privacy and Data Security

In this video, McDermott Will & Emery partner Amy C. Pimentel explains the significance of health data transfers from the European Union to the United States in a post-Schrems II world. The recent Schrems II ruling invalidated the EU-US Privacy Shield, holding that the US legal regime on access to personal data does not contain adequate limitations and safeguards. Pimentel and McDermott’s Romain Perray recently also wrote for McDermott’s International News about this topic.

Access the article.

EEOC Proposes New Rules on Wellness Programs

By Jacob Mattinson, Judith Wethall and Sarah Raaii on Jan 26, 2021
Posted In Employee Benefits, Health and Welfare Plans, Privacy and Data Security

On January 7, 2021, the Equal Employment Opportunity Commission (EEOC) issued proposed guidance regarding employer-sponsored wellness programs and the level of incentives employers may offer employees who participate in these programs in the form of two proposed rules. On January 20, 2021, the Biden administration ordered agencies to immediately withdraw most unpublished rules, including the EEOC proposed rules. Agencies may not issue any new regulations until they can be reviewed and approved by agency or department heads appointed or designated by President Biden.

Access the article.

CCPA Amendment Update: California Legislature Approves Exceptions for HIPAA De-Identified Information and Other Health Data

By Daniel F. Gottlieb and Deepali Doddi on Oct 22, 2020
Posted In Employee Benefits, Health and Welfare Plans, Privacy and Data Security

On September 25, 2020, California Governor Gavin Newsom signed into law California AB 713, which amends the California Consumer Privacy Act (CCPA) to except from its requirements certain health information, including information that has been de-identified in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The bill’s enactment eases some of the CCPA compliance challenges experienced by the health care and life sciences industries by more closely aligning the CCPA with HIPAA and other laws governing human subjects research. The new law also amends the CCPA to except all business associates to the extent that they maintain, use or disclose patient information in the same manner as protected health information under HIPAA.

Access the article.

The Toughest Problem Set: Navigating Regulatory and Operational Challenges on University Campuses

By Jennifer S. Geetter, Laura Jehl and Michael Ryan on Sep 24, 2020
Posted In Employment, Labor, Privacy and Data Security

Because widespread, rapid COVID-19 testing remains unavailable in many locations, universities have had to find innovative ways to implement testing, tracing and isolation protocols to reduce the risk of transmission among students, faculty and staff. There is no one perfect protocol—all universities are in unchartered waters. But there are a few key components university administrators may want to consider and address.

Access the article.

Worker Safety, Privacy Clash as Temperature Checks Become Norm

By Michael J. Sheehan on Jun 18, 2020
Posted In Employment, Privacy and Data Security

Employers are poised to collect health data from their workforces daily as they adopt temperature checks and other screening protocols to fight the coronavirus, triggering concerns about workers’ privacy and whether the practices will continue beyond the pandemic.

“The temperature checks give employees and customers the feeling of safety and the idea that the company is doing everything possible, even if the screenings don’t protect the workplace,” said Michael Sheehan, a partner with McDermott Will & Emery, in a recent Bloomberg Law article.

Access the full article.

COVID-19: FAQs on Employees Experiencing Symptoms and Employee Absences

By Michelle S. Strowhiro on Jun 8, 2020
Posted In Employment, Health and Welfare Plans, Privacy and Data Security

With rapid developments in local, state and federal guidance and law, the appropriate approach for each employer in relation to COVID-19 will vary depending on the nature of their work, the industries served and their location and size, among other considerations. This article outlines what employers need to know about employees experiencing symptoms and employee absences.

Access the full article.

Older Posts »

BLOG EDITORS

STAY CONNECTED

TOPICS

ARCHIVES

RECENT POSTS