FDA

ONC and OCR Issue Joint Fact Sheet on Use of PHI for Public Health Activities

By Linn Foster Freedman on December 15, 2016

Whenever fact sheets or other guidance is issued by either the Office of the National Coordinator for Health Information Technology (ONC) or the Office for Civil Rights (OCR), it helps gain insight into the thinking of the regulators so we watch it closely.

But when the ONC and OCR issues joint guidance, it is hitting the jackpot.
Continue Reading ONC and OCR Issue Joint Fact Sheet on Use of PHI for Public Health Activities

FDA issues guidance on the use of EHRs in clinical investigations

By Linn Foster Freedman on May 19, 2016

Posted in Health Information Privacy

The U.S. Food and Drug Administration (FDA) just issued draft guidance on the Use of Electronic Health Record Data in Clinical Investigations for comment within the next 60 days.

The guidance is intended to assist all parties associated with clinical research with the appropriate use of electronic health records in FDA-regulated clinical investigations, which in…

FTC, ONC, OCR and FDA release online tool for mobile health app developers

By Kathryn Rattigan & Linn Foster Freedman on April 7, 2016

Posted in Enforcement + Litigation, Health Information Privacy, HIPAA and Health Information

While attending the International Association of Privacy Professionals annual global event, and listening to Chairwoman Edith Ramirez discuss the Federal Trade Commission’s (FTC) concerns about consumer privacy, the FTC, the Office of National Coordinator for Health Information Technology (ONC), Office for Civil Rights (OCR), and the Food and Drug Administration (FDA) announced that they had…

FDA issues guidance on cybersecurity risk management for medical devices

By Linn Foster Freedman on January 21, 2016

Posted in Cybersecurity

Last Friday (January 22, 2016), the Food and Drug Administration (FDA) published draft guidance for medical device makers on the importance of including cybersecurity measures in approved products. Further, the guidance highlights the importance of reporting any post-approval fixes to assist others with cybersecurity measures, particularly for medical devices connected to the Internet.

The guidance,…

Increased risk of ‘Medjacking’ calls for better security measures on medical devices

By Kathryn Rattigan on November 19, 2015

Posted in Data Security, Health Information Privacy, HIPAA and Health Information

Did you know that right now we have about 5 billion connected smart devices in use? Is it surprising that it is predicted that by 2020 that number will skyrocket to 25 billion? Of all these connected devices, a significant portion of these devices will be medical devices such as pacemakers, in-home monitoring systems and…

FDA issues first medical device hacking alert

By Linn Foster Freedman on August 13, 2015

Posted in Cybersecurity

Reportedly for the first time ever, the FDA recently issued a declaration that hospitals should not use a medical device manufactured by Hospira Inc. because of security flaws that could allow hackers to penetrate hospital computer networks, commandeer the pumps and manipulate the dosage given to patients. There has been no reporting hacking incident, but…

Data Privacy + Cybersecurity Insider

FDA