Data Security

On June 23, 2022, the German Federal Office for Information Security (“Office”) published technical guidelines on security requirements for healthcare apps, including mobile apps, web apps, and background systems.  Although the technical guidelines are aimed at healthcare app developers, they contain useful guidance for developers of any app

Continue Reading German Federal Office for Information Security Publishes Security Requirements for Healthcare Apps

On September 30, 2020, the Cybersecurity and Infrastructure Security Agency (“CISA”) and the Multi-State Information Sharing and Analysis Center (“MS-ISAC”) released a joint guide synthesizing best practices to prevent and respond to ransomware.  This guide was published the day before OFAC and FinCEN released their coordinated guidance on ransomware attacks
Continue Reading CISA and MS-ISAC Release Joint Guide on Ransomware

Our colleagues at the Inside Privacy blog have summarized a proposed bill in California (the Genetic Information Privacy Act) that would impose certain privacy obligations on direct-to-consumer genetic testing companies that go beyond the California Consumer Privacy Act.  This summary may be of interest to entities that process genetic data
Continue Reading California Legislature Advances Privacy Legislation

Public-health researchers, officials and medical professionals rely on data to track outbreaks, advance research, and evaluate prospective treatments. One critical source of patient data comes from electronic health records (EHRs).  EHR data in the U.S. has traditionally been siloed within hospital IT systems, but the federal government and key healthcare
Continue Reading EHR Interoperability: Public Health Benefits & Privacy Considerations

On May 8, 2020, the Federal Trade Commission (“FTC”) issued a notice soliciting public comment regarding whether changes should be made to its Health Breach Notification Rule (the “Rule”).  The request for comment is part of a periodic review process “to ensure that [FTC rules] are keeping pace with changes
Continue Reading FTC to Consider Changes to the Health Breach Notification Rule

NHSX recently published “A Buyer’s Checklist for AI in Health and Care” (Guidance) that sets out 10 key questions which will be of use to parties deploying AI solutions or conducting data driven projects (in a health and care setting or otherwise).  For example, the Guidance
Continue Reading NHSX Publishes “Buyer’s Checklist” for AI Solutions

This is the ninth of our video posts on 10 questions that can help lawyers contribute to the digital health ideation process.  Today’s video explores the question: Who will own the intellectual property rights?


Continue Reading Ideation Question #9: Who Will Own the Intellectual Property Rights?

This is the eighth of our video posts on 10 questions that can help lawyers contribute to the digital health ideation process.  Today’s video explores the question: what is novel in the digital health solution and what will give the solution a competitive advantage?


Continue Reading Ideation Question #8: What is Novel in the Digital Health Solution and What Will Give the Solution a Competitive Advantage?