OnDemand | Connecting the Dots Between Health Apps, HIPAA, and the FTC
In late 2021, the Federal Trade Commission (“FTC”) issued guidance clarifying protections applicable to consumers’ sensitive personal data increasingly collected by digital health applications. Per the FTC statement, organizations using “health applications and connected devices” to “collect or use” consumers’ personal health information must comply with the cybersecurity, privacy and notification mandates of the Health Breach Notification Rule (“Rule”).
In the wake of the FTC’s statement, any organization that has enjoyed freedom from the confines of HIPAA but provides or uses mobile or web-based health apps to collect personal health information, should evaluate their coverage under the Rule. Robert Kantrowitz, attorney with Kirkland & Ellis, and Jon Moore, Chief Risk Officer and Head of Consulting Services for Clearwater, will discuss how the regulatory landscape is evolving as the use of health apps become increasingly common and the industry continues to push for greater interoperability and patient access to health information.
Webinar viewers will learn:
- How to determine whether the information collected by a health app is covered under the FTC Rule or HIPAA
- What the relevant HIPAA and FTC regulations are for health apps and those that sell or provide them
- How to prevent concerns over cybersecurity and privacy from stifling digital health adoption