Data Dive

On March 9, 2021, the U.S. Department of Health and Human Services Office for Civil Rights announced that the public comment period for the HIPAA proposed privacy rule would be extended until May 6, 2021. The rulemaking was published in the Federal Register on January 21, 2021, with an initial comment deadline of March 22, 2021. Noting the potential for confusion concerning the impact of the Regulatory Freeze announced on January 20, 2021, the agency determined that “the public may need additional time to review the proposals and submit comments.”

On April 2, 2020, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that the agency will exercise enforcement discretion with respect to certain uses and disclosures of protected health information (PHI) by business associates for public health and health oversight activities that would otherwise violate the Health Insurance Portability and Accountability Act of 1996 and Health Information Technology for Economic and Clinical Health Act of 2009 (together with their implementing regulations, HIPAA) during the COVID-19 public health emergency.¹

Akin Gump published a client alert outlining key provisions of New York’s Stop Hacks and Improve Electronic Data Security (SHIELD) Act, signed by Governor Cuomo on July 25, 2019. The data breach notification requirements of the SHIELD Act take effect today (October 23, 2019), while the data security protections of the Act take effect March 21, 2020. The data breach notification requirements will have a significant impact on businesses that own or license computerized data that contain the private information of New York residents. Notably, HIPAA covered entities are also subject to additional breach reporting requirements under the Act. Please click here to read the full alert.

Akin Gump published a client alert regarding the broad request for information issued on December 14, 2018 by the U.S. Department of Health and Human Services, Office for Civil Rights to help the agency identify and address undue obstacles to the sharing of protected health information. Any potential updates to the privacy, security and breach notification regulations adopted under the Health Insurance Portability and Accountability Act of 1996 and the Health Information Technology for Economic and Clinical Health Act of 2009 (together, HIPAA) are due February 12, 2019. Please click here to read the full alert.