On June 23, 2022, the German Federal Office for Information Security (“Office”) published technical guidelines on security requirements for healthcare apps, including mobile apps, web apps, and background systems. Although the technical guidelines are aimed at healthcare app developers, they contain useful guidance for developers of any app that processes or stores sensitive
CISA and MS-ISAC Release Joint Guide on Ransomware
On September 30, 2020, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Multi-State Information Sharing and Analysis Center (“MS-ISAC”) released a joint guide synthesizing best practices to prevent and respond to ransomware. This guide was published the day before OFAC and FinCEN released their coordinated guidance on ransomware attacks that we previously summarized here…
California Legislature Advances Privacy Legislation
Our colleagues at the Inside Privacy blog have summarized a proposed bill in California (the Genetic Information Privacy Act) that would impose certain privacy obligations on direct-to-consumer genetic testing companies that go beyond the California Consumer Privacy Act. This summary may be of interest to entities that process genetic data in California.
EHR Interoperability: Public Health Benefits & Privacy Considerations
Public-health researchers, officials and medical professionals rely on data to track outbreaks, advance research, and evaluate prospective treatments. One critical source of patient data comes from electronic health records (EHRs). EHR data in the U.S. has traditionally been siloed within hospital IT systems, but the federal government and key healthcare stakeholders have recently ramped up…
FTC to Consider Changes to the Health Breach Notification Rule
On May 8, 2020, the Federal Trade Commission (“FTC”) issued a notice soliciting public comment regarding whether changes should be made to its Health Breach Notification Rule (the “Rule”). The request for comment is part of a periodic review process “to ensure that [FTC rules] are keeping pace with changes in the economy, technology, and…
NHSX Publishes “Buyer’s Checklist” for AI Solutions
NHSX recently published “A Buyer’s Checklist for AI in Health and Care” (Guidance) that sets out 10 key questions which will be of use to parties deploying AI solutions or conducting data driven projects (in a health and care setting or otherwise). For example, the Guidance highlights:
- key data-related considerations, such
Ideation Question #11: Why Involve a Lawyer?
This is the 11th, and final, of our video posts on 10 questions that can help lawyers contribute to the digital health ideation process. Today’s video explores the question: Why involve a lawyer?
Ideation Question #10: What Are the Priorities for the Solution?
This is the tenth of our video posts on 10 questions that can help lawyers contribute to the digital health ideation process. Today’s video explores the question: What are the priorities for the solution?
Ideation Question #9: Who Will Own the Intellectual Property Rights?
This is the ninth of our video posts on 10 questions that can help lawyers contribute to the digital health ideation process. Today’s video explores the question: Who will own the intellectual property rights?
Ideation Question #8: What is Novel in the Digital Health Solution and What Will Give the Solution a Competitive Advantage?
This is the eighth of our video posts on 10 questions that can help lawyers contribute to the digital health ideation process. Today’s video explores the question: what is novel in the digital health solution and what will give the solution a competitive advantage?