Your binder contains too many pages, the maximum is 40.
We are unable to add this page to your binder, please try again later.
This page has been added to your binder.
Covington’s health information privacy lawyers are at the center of the debate regarding the privacy of medical records and other individually identifiable health information. We have developed extensive expertise on matters of health information privacy, working on these issues from the perspective both of affected entities and government regulators. We serve a broad client base of healthcare providers, pharmaceutical companies, benefit managers, group health plans, clinical laboratories, medical equipment manufacturers, and others whose businesses involve the handling of personal health information.
We routinely counsel clients regarding compliance with the privacy standards promulgated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Clinical and Economic Health (HITECH) Act. We have assisted in our clients’ efforts to obtain amendments to, or clarifications of, these regulations. We also counsel our clients on state laws affecting the privacy of health information, such as genetic information and pharmacy records, and we regularly provide advice on the interaction between state law and the federal regulations governing the privacy of health information.
We often assist clients in the United States and Europe engaging in clinical trials and post-marketing research activities and have been involved in preparing informed consent forms, investigator disclosure documents, contract research organization (CRO) agreements, clinical trial agreements and service provider agreements. We also assist companies in the healthcare industry with privacy issues relating to websites and live webcasts. Additionally, we have performed due diligence regarding healthcare privacy issues on behalf of venture capitalists and other entities interested in acquiring or investing in healthcare companies.
Our London- and Brussels-based lawyers have acquired unparalleled expertise in the unique privacy issues facing the pharmaceutical industry in Europe. We have been called upon to advise on the national rules in several European jurisdictions relating to the use of “biobanks” and research databases, privacy issues resulting from mandatory pharmacovigilance and adverse event reporting, key-coding of data, and the “further use” of data collected during clinical trials.
In Asia, we have assisted pharmaceutical companies operating in China with unique privacy issues, including advising privacy and property ownership issues related to the collection and sharing of biological samples in clinical trials.
Advising global pharmaceutical companies on HIPAA and state privacy issues relating to pharmaceutical marketing programs.
Assisted pharmaceutical companies in developing global comprehensive privacy policies aligned with federal (HIPAA, Food & Drug Administration, and National Institutes of Health) regulations, state and European law, and best practices.
Advised employer health plans on HIPAA breach notification requirements relating to breaches of protected health information held by the plans.
Advising a multinational pharmaceutical company on state privacy issues relating to a vaccine outreach program.
Represent an ad hoc consortium of U.S. and European pharmaceutical and medical device companies concerned about data privacy issues in Europe, including the Eastern European Member States such as Hungary, Poland, and the Czech Republic.
Advised a large pharmaceutical company in connection with litigation involving the alleged infringement of patient privacy by a pharmacy chain that collects personal information about prescription drug users.
On behalf of a major consumer products company, developed a HIPAA training module for the company’s health plan.
Advised major corporations on HIPAA compliance issues relating to their employer health plans.
Advised pharmaceutical companies in the United States and Europe on data privacy issues, including questions relating to genetic testing programs and the development of genomics databases, the sourcing and handling of human tissue and biological samples for research purposes, patient outreach, and marketing activities.
Assisted another large pharmaceutical company in dealing with privacy issues resulting from the migration of patient data from a clinical study to a web based platform.
Assisted several large pharmaceutical companies with a variety of privacy issues relating to clinical trials, further use of data and pharmacovigilance reporting.
Advised a multinational biopharmaceutical company operating in China on privacy and property ownership issues related to the collection and sharing of biological samples in clinical trials.
December 5, 2016, Inside Privacy
On December 1, 2016, the Commission on Enhancing National Cybersecurity released its Report on Securing and Growing the Digital Economy. In its Report, the Commission, established in February 2016 by President Obama, provided detailed short- and long-term recommendations to strengthen cybersecurity in the public and private sectors. The Commission took a ...
November 21, 2016, Financial Times
Daniel Cooper is quoted in a Financial Times article regarding wearable technology in the workplace. According to Cooper, not everyone will welcome sharing intimate personal information with the boss, however. “Wearable devices could be a good way for insurers to get the data . . . but it’s essential to address wearers’ privacy and fair treatment concerns and ...
September 13, 2016, Inside Privacy
The FTC has become the most recent regulator to take a closer look at ransomware and its impact on consumers. During the FTC’s September 7, 2016, Fall Technology Series on Ransomware, Chairwoman Edith Ramirez announced that the FTC will soon release guidance to businesses on how to protect against ransomware. Ransomware is a malicious software … Continue Reading
August 16, 2016, Inside Privacy
The EU-U.S. Privacy Shield’s recent introduction has created an efficient mechanism to ensure that trans-Atlantic personal data flows are lawful. With that in place, attention is now turning back to restrictions within the EU, particularly around hosting data in cloud computing services. European healthcare is particularly affected by such restrictions. This ...
August 11, 2016, Inside Privacy
A new post on the Covington eHealth blog reports that the UK government is running a consultation around NHS patient data security standards and a new legal framework for secondary uses (e.g. research) of patient data. To find out more about the proposals and the consultation, please click here.… Continue Reading
July 28, 2016, Inside Privacy
Today we published a post on the Covington eHealth blog regarding a recent report by the U.S. Department of Health and Human Services (HHS), Office of the National Coordinator for Health Information Technology (ONC). The ONC report highlights “large gaps” in policies and oversight surrounding access to and security and privacy of health information held by … ...
July 7, 2016, Inside Privacy
Last month, the FDA released a draft guidance document on the sharing of patient-specific data associated with medical devices, including information recorded, stored, processed, retrieved, and/or derived from the device. A new post on Covington’s Inside Medical Devices blog discusses the draft guidance and its implications for sharing patient information.… ...
A new post over on Covington’s eHealth blog discusses a recent enforcement action taken by the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) against Catholic Health Care Services, a business associate under HIPAA, arising out of a stolen iPhone. This recent enforcement action should put business associates … Continue ...
June 7, 2016, Inside Privacy
Last week, our colleague Shruti Barker published an article on the Inside Medical Devices Blog, discussing eight data security principles that companies participating in the Precision Medicine Initiative should aim to meet. The Administration’s guidance document additionally recommends a basic framework that organizations collecting, storing, and sharing ...
May 17, 2016, Inside Privacy
The EU Network and Information Security (NIS) Directive now looks likely to enter into force in August of this year. Member States will then have 21 months to implement it into national law before the new security and incident notification obligations will start to apply to the following entities: designated* “operators of essential services” within … Continue ...
April 28, 2016, Inside Privacy
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services has been busy. In addition to its recent efforts to begin audits of covered entities and business associates, OCR has announced a slew of enforcement actions against covered entities for alleged HIPAA violations. Last month, OCR announced two seven-figure settlements … ...
October 24, 2013, Covington E-Alert
December 10, 2004, Covington E-Alert
November 1, 2004, Covington E-Alert
October 14, 2004, Covington E-Alert
August 13, 2004, Covington E-Alert
July 23, 2004, Covington E-Alert
July 15, 2004, Covington E-Alert
May 21, 2004, Covington E-Alert
December 8, 2003, Covington E-Alert