Brian Lichter, Adam Cooke, Mitchell Green
Pixels and other tracking technologies are commonly used by business of all types on their websites and mobile applications to gather information about individuals visiting their sites or using their apps. While privacy advocates have long criticized such practices, December 2022 guidance from HHS warned that using trackers to transmit PHI to a third party without the patient’s consent may violate HIPAA. State AGs have also recently begun looking into these practices. How can organizations manage their compliance obligations given the ubiquity and business benefits of using these trackers? What can organizations do to understand trackers they are currently using and help mitigate their regulatory and litigation risk? Our panel of experts will examine these questions and more:
- What are the HIPAA compliance obligations for healthcare organizations using third-party data tracking technology on website and mobile apps?
- What can an organization do in the near term to assess what trackers it uses and mitigate risk?
- How can an organization effectively identify and catalog third-party trackers and their associated activity and integrate this work into a broader compliance program?
What is the current state of the regulatory and litigation landscape, and what future developments do we expect?
Brian Lichter, VP, Engagement Management, Aon’s Cybersecurity Solutions (moderator)
Adam Cooke, Counsel, HoganLovells
Mitchell Green, Manager, Digital Forensics & Incident Response, Aon’s Cybersecurity Solutions
Readings: