The Department of Health and Human Services, Office of Civil Rights (“OCR”) has published a Bulletin which officially states that incorporating certain tracking technologies into websites and mobile applications may cause HIPAA violations that could result in breach notification obligations as well as penalties. This includes platforms and services provided by companies like Meta (formerly Facebook) and Google.
Covered Entities need to take immediate steps to identify their uses of tracking technologies and whether there are appropriate safeguards in place to prevent inappropriate use or disclosure of PHI.
Learn More
