Lisa Ropple

Jul 3, 2024 | mondaq.com | Alexis Gilroy |Lisa Ropple |Ryan Blaney |Claire Castles

The Federal Trade Commission ("FTC") intends to "strengthen and modernize" the Health Breach Notification Rule with revamped and increased scrutiny on entities holding health information, including health apps, websites, and other direct-to-consumer services. The FTC recently announced a final rule amending its Health Breach Notification Rule ("HBNR") to explicitly extend to health apps, websites, and other direct-to-consumer services holding certain health information.

Apr 4, 2024 | mondaq.com | Alexis Gilroy |Lisa Ropple |Ryan Blaney |Claire Castles

Effective March 31, 2024, the laws impose requirements relating to a new category of consumer health data ("CHD"), create consumer rights/protections, and potentially introduce increased privacy enforcement and litigation. Both laws apply to entities, and data processors acting on their behalf, that conduct business or provide products/services to consumers in the state and, alone or jointly, determine the purpose and means of handling CHD.

Apr 1, 2024 | lexology.com | Alexis Gilroy |Lisa Ropple |Ryan Blaney |Claire Castles |Jennifer Everett |Kristen McDonald

New, first-of-their-kind consumer health data privacy laws in Washington and Nevada are designed to provide state-level protections for personal health data not covered by the Health Insurance Portability and Accountability Act ("HIPAA") and set the stage for potential increased litigation and enforcement.

Dec 7, 2023 | mondaq.com | Alexis Gilroy |Lisa Ropple |Claire Castles |Jennifer Everett

The U.S. Department of Health and Human Services ("HHS") Office of Civil Rights ("OCR") has entered into its first settlement of potential Health Insurance Portability and Accountability Act ("HIPAA") violations arising out of a ransomware attack, signaling OCR's continued focus on data security.

Dec 6, 2023 | mondaq.com | Alexis Gilroy |Lisa Ropple |Jennifer Everett |Jeffrey L. Kapp

New York is the first state to propose cybersecurity requirements for all hospitals operating in the state to address patient safety and other cybersecurity related issues. On November 16, 2023, New York Governor Kathy Hochul proposed cybersecurity regulations applicable to all hospitals operating within the state.