In the Headlines
March 21, 2024

Update to HHS' Controversial Web Tracker Guidance Offers Little Practical Relief, Legal Experts Say

Fierce Healthcare

Data Strategy, Security and Privacy attorney Paul Bond was quoted in a Fierce Healthcare article, describing the new complexities facing healthcare organizations due to updated guidance on HIPAA compliance and third-party web trackers. He highlighted how the guidance places an ambiguous burden on entities to discern when a website interaction constitutes the creation of Protected Health Information (PHI). Mr. Bond illustrates the confusion with the example that a website visitor accessing oncology materials could either be creating PHI or not, solely based on their status as a patient or researcher.

“Under OCR’s guidance, a user accessing oncology materials on a healthcare website is creating PHI if they happen to be a patient, and is not creating PHI if they happen to be a researcher. And if a third-party tracking technology is present on that oncology section of the website, it both does and does not concern HIPAA, depending on circumstances unknown and unknowable to the covered entity. OCR has created Schrödinger’s Website User," he said. 

READ: Update to HHS' Controversial Web Tracker Guidance Offers Little Practical relief, Legal Experts Say

Related Professional

Paul Bond

Related Practices

Healthcare & Life Sciences Digital Healthcare Healthcare & Life Sciences Policy HIPAA and Healthcare Privacy Healthcare Regulatory Compliance Data Strategy, Security & Privacy Global Cybersecurity and Privacy Policy and Regulation

Related Industries

Healthcare & Life Sciences Technology & Telecommunications

Related News and Headlines