Data Security

On June 23, 2022, the German Federal Office for Information Security (“Office”) published technical guidelines on security requirements for healthcare apps, including mobile apps, web apps, and background systems.  Although the technical guidelines are aimed at healthcare app developers, they contain useful guidance for developers of any app that processes or stores sensitive

On September 30, 2020, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Multi-State Information Sharing and Analysis Center (“MS-ISAC”) released a joint guide synthesizing best practices to prevent and respond to ransomware.  This guide was published the day before OFAC and FinCEN released their coordinated guidance on ransomware attacks that we previously summarized here

Our colleagues at the Inside Privacy blog have summarized a proposed bill in California (the Genetic Information Privacy Act) that would impose certain privacy obligations on direct-to-consumer genetic testing companies that go beyond the California Consumer Privacy Act.  This summary may be of interest to entities that process genetic data in California.

Public-health researchers, officials and medical professionals rely on data to track outbreaks, advance research, and evaluate prospective treatments. One critical source of patient data comes from electronic health records (EHRs).  EHR data in the U.S. has traditionally been siloed within hospital IT systems, but the federal government and key healthcare stakeholders have recently ramped up

On May 8, 2020, the Federal Trade Commission (“FTC”) issued a notice soliciting public comment regarding whether changes should be made to its Health Breach Notification Rule (the “Rule”).  The request for comment is part of a periodic review process “to ensure that [FTC rules] are keeping pace with changes in the economy, technology, and

NHSX recently published “A Buyer’s Checklist for AI in Health and Care” (Guidance) that sets out 10 key questions which will be of use to parties deploying AI solutions or conducting data driven projects (in a health and care setting or otherwise).  For example, the Guidance highlights:

  • key data-related considerations, such

This is the eighth of our video posts on 10 questions that can help lawyers contribute to the digital health ideation process.  Today’s video explores the question: what is novel in the digital health solution and what will give the solution a competitive advantage?