The growing use of healthcare mobile applications and websites—and the associated use of online tracking technologies—raises privacy concerns under the Health Insurance Portability and Accountability Act (HIPAA) that developers of such applications and healthcare organizations should keep in mind. Indeed, there has been an uptick in litigations filed across the country involving healthcare mobile application and website tracking technologies in which plaintiffs have alleged wrongful uses and disclosures of patient data collected by these technologies, regardless of whether such collection was inadvertent. In December 2022, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a bulletin with guidance concerning the use of online tracking technologies by covered entities and business associates under HIPAA.

To learn about online tracking technologies, HIPAA obligations related to these technologies and the OCR’s guidance to HIPAA-covered entities concerning the use of these technologies, read the Workplace Privacy, Data Management & Security Report here.