Original broadcast date: 19 January 2022 This web conference is an in-depth, practical discussion regarding the build out of a healthcare privacy program. Panelists describe key privacy and related laws that are relevant to global healthcare organizations, core pillars of work to consider in building out a healthcare privacy program and discuss key recommendations based on these pillars that can help to make a privacy program a competitive differentiator.  Read More

This report, published by Kaspersky, found telehealth calls have raised concerns over data security and privacy violations for doctors, nurses and patients. Read More

This article by Kirk Nahra, CIPP/US, of Wiley Rein offers an overview of the Health Insurance Portability and Accountability Act from its inception. The article outlines the goals of the law, highlighting the principles found in the HIPAA privacy and security rules. Click To View ... Read More

This article, published by Compliance Junction, provides guidance on the application of the Health Insurance Portability and Accountability Act, with a focus on business associates, hybrid entities and preemption by state laws. Read More

The U.S. Department of Health & Human Services Office for Civil Rights (OCR) published this guidance page providing announcements, guidance, notifications and bulletins on civil rights laws and the HIPAA Privacy Rule during the COVID-19 outbreak. Read More

Original broadcast date: May 24, 2021  The Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules were written in a period where health information was concentrated in the hands of traditional health care institutions such as doctors, hospitals and health plans. Almost two decades later, this is no longer the case. With revolutionary advances in technology, an increasing number of variety of organizations are generating and collecting sensitive health information largely outside the bounds of HIPAA. This panel discussed whether HIPAA is still up to the task of protecting health information. They investigated the supporting principles for any legislation that might modify how health information is treated and assess specific proposals for updating the current sector-specific framework. They also assessed the capacity of those proposals to better embrace the advantages and threats posed by recent changes to the health privacy landscape. Read More

This paper examines the nature of privacy through lens of safety focused on the health sector. Read More

Original broadcast date: April 1, 2021  Is a pandemic reason enough to roll out surveillance? Our panel is ready to answer your burning questions regarding the impact COVID-19 is having on privacy. Join us to explore how health companies are processing sensitive data and how telemedicine is shaping the future. We will cover how businesses have handled additional sensitive data during this crisis (including article 9(h) and (g) of the GDPR) and debate what is safe and what is intrusive. This interactive session includes a travel industry test case and firsthand account from the insurance sector. We will analyze what impact COVID-19 has had on companies from a business, employment and cybersecurity perspective. Read More

The findings presented in this report are the result of a collaborative research project between the IAPP and EY studying the effects of the COVID-19 pandemic on privacy teams around the world. Read More

The IAPP and EY launched a research initiative to gain more insight into the unique ways privacy and data protection practices have been affected by the pandemic. The initial phase of the project included a survey of privacy professionals, taking a deeper look at how organizations, in general, and privacy programs, in particular, are handling the privacy and data protection issues that have emerged alongside COVID-19, such as privacy and security issues related to working from home, monitoring the health of employees, and sharing data with governments, researchers and public health authorities. Read More

This report, published by Kaspersky, found telehealth calls have raised concerns over data security and privacy violations for doctors, nurses and patients. Read More

This guide from Holland & Knight highlights the recent FTC policy statement signaling its move towards using its enforcement tools where sensitive health information may be compromised, and provisions from both the Health Breach Notification Rule and the policy statement to be aware of. Read More

Original broadcast date: April 7, 2021  Despite a common misconception, privacy and healthcare research (including innovation) are not polarizing forces. Join privacy experts from the life sciences and healthcare field as they discuss how data is really used in research and development. You will hear their views on bridging the perceived gap between healthcare research and privacy, and how to apply those ideas to current challenges, such as innovating responses to COVID-19. The panel will also discuss types of research, what makes data use in drug development and medtech different from other industries, effective anonymization/deidentification, lawful data use and how to build public trust within the industry. Read More

This paper issued by the Information and Privacy Commissioner of Ontario aims to provide guidance in accordance with The Personal Health Information Protection Act, 2004 to health information custodians when they are faced with a privacy breach. Read More

This Ponemon Institute study represents findings from healthcare organizations and business associates, as to how often they experience data breaches, the resources they have to prevent and respond to breaches, and their ability to keep patient data safe. Click To View (PDF) ... Read More

This guidance by Experian addresses the unique challenges that come with responding to a breach involving healthcare data. Read More

Original broadcast date: March 10, 2021  Is your company following the U.S. Occupational Safety and Health Administration’s recommendations or state guidelines? Do you have a handle on where your health data is being stored, and is it accessible and secure? Companies now have a surplus of health data, whether it’s COVID-19 test or vaccination statuses or general health questionnaire data collected from employees. What are the requirements around keeping this data or disclosing it to your employees? In this privacy education web conference, we will answer these questions to help you understand best practices around health data record-keeping to help you develop a plan now. Read More

This guidance document, published by the U.S. Department of Health and Human Services, is intended to assist sponsors, clinical investigators, contract research organizations, institutional review boards, and other interested parties on the use of electronic health record data in FDA-regulated clinical investigations. Read More

This paper from TransCelerate BioPharma Inc. considers how de-identification and anonymization techniques can be applied to individual patient data in order to fulfill transparency, disclosure and research requests while safeguarding the privacy of individuals (e.g., participants and company staff). This paper proposes which techniques to apply in order to conform to existing directives and regulatory guidance while balancing the utility of the de-identified data to the researcher. Click To Vie... Read More

The purpose of this report, published by the U.S. Department of Health and Human Services, serves to display the development of practical and understandable cybersecurity guidelines to cost-effectively reduce cybersecurity risks for health care organizations. Click To View (PDF) ... Read More