First few Article Sentences
The Federal Trade Commission (FTC) announced changes to the Health Breach Notification Rule (HBNR) in April 2024 that broadly apply to digital health, health apps, and the like, and expands the rule to apply to vendors of public health information and related entities in addition to covered health care entities under HIPAA. The intent of rule is to protect individuals using health data apps and devices and it expands what covered entities must tell consumers if there’s been a breach of their data. These changes went into effect on July 29, 2024, following its publishing in the Federal Register on May 30, 2024.
Protecting patient privacy is garnering much regulatory attention after the Change Healthcare and HealthEquity data breach incidents. The emergence of digital health records, telemedicine, and wearable health technology, makes safeguarding patient information a significant challenge.
Understanding the FTC’s role in health care privacy protection, its regulatory powers, and how the new HBNR changes impact breach response protocols can help affected organizations prepare to meet the new reporting requirements effectively.