The Federal Trade Commission updated its health data breach notification measures to include more apps and technologies not covered by a federal health privacy law.
The key changes to the health breach notification final rule (RIN 3084-AB56) issued Friday include revising the definition of “public health record related entity” to make clear that these entities include anyone that offers products and services online, including mobile applications, or vendors of personal health records.
The FTC action fills a gap because health apps generally aren’t covered by the Health Insurance Portability and Accountability Act, known as HIPAA. That law directs ...
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.