Resource Center / Topic Pages / Health Privacy
Health Privacy
TOPIC PAGE
Navigate by Topic
On this topic page, you can find the IAPP’s collection of coverage, analysis and resources related to health privacy.
Health Privacy
Health care privacy on the ground: Key challenges and practical solutions
This white paper tackles some of the most pressing challenges in-house health care privacy teams face and describe concrete solutions.
Read More
This article covers how health care privacy is a mess, and why it isn’t likely to get better soon.
Read More
US courts and regulators on online tracking in health care
This article explores U.S. court and regulator activity around use of online tracking technologies in health care.
Read More
The DNA of privacy and the privacy of DNA
This articles provides analysis on how the collection and use of genomic data has eclipsed many previously designed information privacy laws and principles.
Read More
Consumer health data: A risk-based approach to digital privacy
U.S. regulation and enforcement of health data privacy matters has increased. This article proposes that it may be wise for potentially affected companies to pause and consider a more risk-based approach.
Read More
Privacy Resources for Digital Health Data
This infographic provides resources, frameworks and guidance organizations can consider when increasing protections for products and services that collect, use and/or sell digital health data.
Read More
HIPAA News and Resources
HIPAA Privacy and Security for Beginners
HHS Guidance: HIPAA, Civil Rights, and COVID-19
HHS proposes major overhaul of HIPAA security rule
Guide to Privacy and Security of Electronic Health Information
Who Can Sue for A HIPAA Violation?
HIPAA Basics for Providers: Privacy, Security, and Breach Notification Rules
Why the Fifth Circuit HIPAA case doesn’t mean ‘game over’ for HHS data security enforcement
Unpacking the proposed HIPAA Privacy Rule modifications
Understanding HIPAA’s security rule for telemedicine apps
AMA HIPAA Guidance and Toolkit
Perspectives on health data de-identification
HHS notice on telehealth penalties raises privacy concerns
HIPAA Privacy Rule: Hybrid Entity Regulatory Reference Table
Paging all health care privacy pros: CCPA deserves your attention despite HIPAA exemption
Protecting Personal Health Information in Research: Understanding the HIPAA Privacy Rule
HIPAA – Covered Entities and Business Associates
Sample Business Associate Agreement Provisions
COVID-19
Washington’s My Health, My Data Act
Precision nutrition and biometric privacy in health tech
Online tracking technologies and HIPAA misconceptions
European Health Data Space: Revolutionizing health care, scientific research in the EU
Assessing ‘necessity’ under state health privacy laws
OCR delivers reports on HIPAA adherence
Report details how health websites flout privacy laws
Privacy laws, ethics and the conundrum of DNA
NAI releases best practices for protecting patient privacy
OCR publishes telehealth resources for providers, patients
Consumer health data: A risk-based approach to digital privacy
The sweeping scope of Washington’s My Health, My Data Act
PrivTech Talks: Privacy tech in health care and medical research
Filling the void? The 2023 state privacy laws and consumer health data
Flo’s Khan: Building a better future for female health is a ‘privilege’
‘Neurorights’ and the next flashpoint of medical privacy
Digital transformation in the health care sector: Research and innovation as secondary use
Top takeaways from the FTC-GoodRx case: A chat with Kirk Nahra
A healthy dose of consent: Takeaways from the FTC’s GoodRx case
Privacy and neurodiversity: Helping diverse minds navigate the digital age
FTC releases updated interactive health care app compliance tool
OCR creates new guidance for HIPAA ‘recognized security practices’
P.S.R. 2022 keynote: Roe v. Wade reversal a ‘wake-up’ across privacy spectrum
Privacy and digital health data: The femtech challenge
Tips for Protecting Privacy Post-Dobbs v. Jackson Women’s Health Organization
A view from DC: Considering what is defined as genetic data
Roe v. Wade’s overturn: The impact on data protection and law enforcement
Defining health data: A major challenge for any privacy law
Roe v. Wade reversal sends ripples through privacy world
Commission proposal for a regulation on the European health data space
Building an Effective and Strategic Healthcare Privacy Program
European Health Data Space: Repairing the trans-Atlantic data relationship through biotech R & D
A public service announcement about the HIPAA Privacy Rule
Profiles in Privacy — A conversation with Patrice Ettinger
Pfizer CPO: ‘You really feel the enormity of what we are doing’
Advancing Data-Driven Health Research and Innovation Responsibly
The status quo of health data inferences
Privacy in the Wake of COVID-19
Additional News and Resources
The state of US reproductive privacy in 2025: Trends and operational considerations
Washington’s My Health, My Data Act
The promise of the EHDS: Revolutionizing European health care
Sharing is (health)caring? A look into the new European Health Data Space
HHS proposes major overhaul of HIPAA security rule
Precision nutrition and biometric privacy in health tech
Online tracking technologies and HIPAA misconceptions
European Health Data Space: Revolutionizing health care, scientific research in the EU
Assessing ‘necessity’ under state health privacy laws
OCR delivers reports on HIPAA adherence
Report details how health websites flout privacy laws
Privacy laws, ethics and the conundrum of DNA
NAI releases best practices for protecting patient privacy
OCR publishes telehealth resources for providers, patients
Consumer health data: A risk-based approach to digital privacy
The sweeping scope of Washington’s My Health, My Data Act
PrivTech Talks: Privacy tech in health care and medical research
Filling the void? The 2023 state privacy laws and consumer health data
Flo’s Khan: Building a better future for female health is a ‘privilege’
‘Neurorights’ and the next flashpoint of medical privacy
Digital transformation in the health care sector: Research and innovation as secondary use
Top takeaways from the FTC-GoodRx case: A chat with Kirk Nahra
A healthy dose of consent: Takeaways from the FTC’s GoodRx case
Privacy and neurodiversity: Helping diverse minds navigate the digital age
FTC releases updated interactive health care app compliance tool
OCR creates new guidance for HIPAA ‘recognized security practices’
P.S.R. 2022 keynote: Roe v. Wade reversal a ‘wake-up’ across privacy spectrum
Privacy and digital health data: The femtech challenge
Tips for Protecting Privacy Post-Dobbs v. Jackson Women’s Health Organization
A view from DC: Considering what is defined as genetic data
Roe v. Wade’s overturn: The impact on data protection and law enforcement
Defining health data: A major challenge for any privacy law
Roe v. Wade reversal sends ripples through privacy world
Commission proposal for a regulation on the European health data space
Building an Effective and Strategic Healthcare Privacy Program
European Health Data Space: Repairing the trans-Atlantic data relationship through biotech R & D
A public service announcement about the HIPAA Privacy Rule
Profiles in Privacy — A conversation with Patrice Ettinger
Pfizer CPO: ‘You really feel the enormity of what we are doing’
Advancing Data-Driven Health Research and Innovation Responsibly
The status quo of health data inferences
Privacy in the Wake of COVID-19