The average cost of a data breach for U.S. health care companies is $6.45 million (or $429 per individual record), surpassing the global all-industry average.

From a practical standpoint, the Security Rule is probably the most relevant section of HIPAA for health tech companies. The Security Rule operationalizes much of

HIPAA is the cornerstone of safely sharing health data in the U.S. Policy experts love to point out that the “P” in HIPAA stands for

The global COVID-19 pandemic has driven health care more into the virtual world at an unprecedented and historic pace, and the need to protect digital

If your company collects, stores, or exchanges health data, it is crucial that you understand the Health Insurance Portability and Accountability Act (HIPAA). HIPAA can

Last month Virginia joined California as the second U.S. state to enact comprehensive data privacy legislation—the Virginia Consumer Data Protection Act (CDPA). States are moving

When should American Health Tech companies conform to non–US laws? When your business collects data from individuals outside of the US: In the case of

HIPAA has been a brick wall for data access for health companies. Legitimate? Yes, we always want to protect health data. But we also want

As health tech companies solidify their budgets and agendas amidst the continued pandemic, they should consider these prominent health regulatory changes expected in 2021:

Many virtual care platforms claim to be EHR integrated. But often, there are many versions of this truth. As many provider groups are currently looking for telehealth solutions that are EHR integrated, we wanted to provide some clarity around the fundamental elements that define EHR integration.