On April 26, 2024, the Federal Trade Commission (FTC) issued a final rule to amend its Health Breach Notification Rule (HBN Rule). The HBN Rule works as a compliment and counterpart to the breach notification requirements established under the Health Insurance Portability and Accountability Act (HIPAA) for HIPAA-regulated entities. Specifically, the HBN Rule requires that vendors of personal health records (PHRs) and related entities that are not covered by HIPAA notify individuals, the FTC and, in some cases, media outlets of a breach of unsecured personally identifiable health data. Stakeholders should carefully review the final rule to understand how organizations will be impacted.
FTC Amends Health Breach Notification Rule to Regulate Health Apps and Expand Breach Notification Requirements
By Jennifer S. Geetter, Edward G. Zacharias, Alya Sulaiman, Kyle E. Hafkey and Abby Higgins on June 26, 2024
Posted In Digital Health, Privacy and Data Security
Jennifer S. GeetterJennifer S. Geetter advises global life sciences, health care and informatics clients on legal issues attendant to biomedical innovation, research compliance, financial relationship management, digital health practices, and global privacy and data security laws. Jennifer represents a broad range of clients. Read Jennifer Geetter's full bio.
Edward G. ZachariasEdward G. Zacharias is the managing partner of McDermott’s Boston office. Clients across the healthcare industry and beyond turn to him for practical, business-oriented counsel on their most significant privacy and cybersecurity compliance, healthcare regulatory and transactional matters. Ed’s clients include “Big Tech” companies, health information technology and digital health companies, healthcare providers, insurers, electronic health record platforms, pharmacies, drug and device manufacturers, life sciences companies and health services vendors. Read Edward Zacharias' full bio.
Alya SulaimanAlya Sulaiman works with clients to navigate complex healthcare regulatory, privacy and transactional matters, with a focus on digital health and data use strategy. Alya has substantial experience with product counseling and provides guidance during the conception, development, launch and support of new digital health products and services. Read Alya Sulaiman's full bio.
Kyle E. HafkeyKyle E. Hafkey focuses his practice on a wide range of transactional and regulatory matters affecting the healthcare industry, with a particular emphasis on fraud and abuse, data privacy, and clinical research. Read Kyle E. Hafkey's full bio.
Abby HigginsAbby Higgins provides regulatory counseling on all aspects of state and federal healthcare laws impacting hospitals and healthcare systems, with a particular emphasis on digital health products and services. Abby has experience handling issues related to fraud and abuse, Stark Law, federal Anti-Kickback Statute (AKS), Food & Drug Administration regulations, cannabis laws and patient data protection. Read Abby Higgins's full bio.
Related Posts
- FTC Issues Policy Statement Expanding Interpretation of Health Breach Notification Rule’s Scope
- Protecting the Telehealth Consumer: FTC and State-Based Considerations
- FTC Proposes Health Breach Notification Rule Amendments
- Washington State Legislature Passes My Health My Data Act
- Consumer Health Information Update from Both Sides of the Atlantic
BLOG EDITORS
STAY CONNECTED
TOPICS
ARCHIVES
RECENT POSTS
- FTC Amends Health Breach Notification Rule to Regulate Health Apps and Expand Breach Notification Requirements
- State Regulators Address Insurers’ Use of AI: 11 States Adopt NAIC Model Bulletin
- NQDC Complications and Best Practices
- Group Medical Captives, Level Funding and US Healthcare Policy
- The Changing Landscape of ESOP Litigation
