In a consequential decision for Health Insurance Portability and Accountability Act (HIPAA)-regulated entities, on June 20, 2024, the US District Court for the Northern District of Texas ruled that the US Department of Health and Human Services Office for Civil Rights exceeded its authority in certain respects in sub-regulatory guidance. The guidance concerned HIPAA’s application to cookies and other online tracking technologies on HIPAA-regulated entities’ unauthenticated webpages.
Federal Court Invalidates Key Part of HHS OCR Bulletin Regarding Application of HIPAA to Online Tracking Technologies
By Ryan S. Higgins, David Quinn Gacioch, Jennifer S. Geetter, Daniel F. Gottlieb and Edward G. Zacharias on August 27, 2024
Ryan S. Higgins
Ryan S. Higgins focuses his practice on representing hospitals, health systems, private equity firms and platform companies, and other health care organizations in corporate and transactional matters, including mergers, acquisitions, joint ventures and management arrangements. He also devotes a significant portion of his practice to representing health care organizations in matters involving health information privacy and security and Health Insurance Portability and Accountability Act (HIPAA) compliance. Ryan serves on the Chicago's office Pro Bono Committee and is heavily involved in pro bono matters. Read Ryan Higgins' full bio.
David Quinn Gacioch
David Quinn (Dave) Gacioch focuses his practice on litigation and enforcement defense, primarily related to the US healthcare sector. Dave counsels hospitals, health systems, physician practices, and other providers, along with payors, private equity sponsors, pharmaceutical and medical device manufacturers, and others involved in the US healthcare system, on compliance and risk mitigation issues. He conducts internal investigations for clients, and represents them in government investigations, enforcement actions, and civil and criminal litigation, including class actions. Read David Gacioch's full bio.
Jennifer S. Geetter
Jennifer S. Geetter advises global life sciences, health care and informatics clients on legal issues attendant to biomedical innovation, research compliance, financial relationship management, digital health practices, and global privacy and data security laws. Jennifer represents a broad range of clients. Read Jennifer Geetter's full bio.
Daniel F. Gottlieb
Daniel F. Gottlieb counsels a wide range of health care industry clients, including health care providers, health plans, health information technology (IT) vendors and life sciences companies. He represents these entities on health IT acquisitions, privacy and data protection, reimbursement, fraud and abuse, and other health care regulatory and transactional matters. Daniel is a co-leader of the Firm’s Global Privacy and Cybersecurity Practice. Read Daniel Gottlieb's full bio.
Edward G. Zacharias
Edward G. Zacharias is the managing partner of McDermott’s Boston office. Clients across the healthcare industry and beyond turn to him for practical, business-oriented counsel on their most significant privacy and cybersecurity compliance, healthcare regulatory and transactional matters. Ed’s clients include “Big Tech” companies, health information technology and digital health companies, healthcare providers, insurers, electronic health record platforms, pharmacies, drug and device manufacturers, life sciences companies and health services vendors. Read Edward Zacharias' full bio.
Ryan S. Higgins focuses his practice on representing hospitals, health systems, private equity firms and platform companies, and other health care organizations in corporate and transactional matters, including mergers, acquisitions, joint ventures and management arrangements. He also devotes a significant portion of his practice to representing health care organizations in matters involving health information privacy and security and Health Insurance Portability and Accountability Act (HIPAA) compliance. Ryan serves on the Chicago's office Pro Bono Committee and is heavily involved in pro bono matters. Read Ryan Higgins' full bio.
David Quinn Gacioch
David Quinn (Dave) Gacioch focuses his practice on litigation and enforcement defense, primarily related to the US healthcare sector. Dave counsels hospitals, health systems, physician practices, and other providers, along with payors, private equity sponsors, pharmaceutical and medical device manufacturers, and others involved in the US healthcare system, on compliance and risk mitigation issues. He conducts internal investigations for clients, and represents them in government investigations, enforcement actions, and civil and criminal litigation, including class actions. Read David Gacioch's full bio.
Jennifer S. Geetter
Jennifer S. Geetter advises global life sciences, health care and informatics clients on legal issues attendant to biomedical innovation, research compliance, financial relationship management, digital health practices, and global privacy and data security laws. Jennifer represents a broad range of clients. Read Jennifer Geetter's full bio.
Daniel F. Gottlieb
Daniel F. Gottlieb counsels a wide range of health care industry clients, including health care providers, health plans, health information technology (IT) vendors and life sciences companies. He represents these entities on health IT acquisitions, privacy and data protection, reimbursement, fraud and abuse, and other health care regulatory and transactional matters. Daniel is a co-leader of the Firm’s Global Privacy and Cybersecurity Practice. Read Daniel Gottlieb's full bio.
Edward G. Zacharias
Edward G. Zacharias is the managing partner of McDermott’s Boston office. Clients across the healthcare industry and beyond turn to him for practical, business-oriented counsel on their most significant privacy and cybersecurity compliance, healthcare regulatory and transactional matters. Ed’s clients include “Big Tech” companies, health information technology and digital health companies, healthcare providers, insurers, electronic health record platforms, pharmacies, drug and device manufacturers, life sciences companies and health services vendors. Read Edward Zacharias' full bio.
Related Posts
- Navigating Data Privacy Questions Post-Dobbs
- OCR Update on Tracking Technologies Provides Little Relief for HIPAA-Regulated Entities
- Hospital Settles With OCR for $4.75 Million Over HIPAA Violations
- How Dobbs Has Changed the Data Privacy Landscape
- HIPAA Compliance 101: Lessons from a Recent OCR Settlement
BLOG EDITORS
STAY CONNECTED
TOPICS
ARCHIVES
RECENT POSTS
- HHS Letter Reiterates Expectations for Language Accessibility
- Employee Benefit Plans: Important Considerations for Year-End and 2025
- Post-Election Outlook: Issues to Watch for Pharmacy Industry Stakeholders
- Post-Election Health Policy Priorities
- IRS Issues Proposed Regulations to Ensure Expanded Preventative Care Services Coverage