Photo of Julia Kadish

Julia Kadish is an associate in the Intellectual Property Practice Group in the firm's Chicago office and is a member of the Privacy and Cybersecurity Team.

Most companies operating websites and mobile apps use some form of tracking technologies on these digital properties. While these types of technologies have been used for some time and serve a variety of purposes, the use of them by organizations regulated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) has garnered more recent attention within the past year. In the wake of recent public concerns, the Office of Civil Rights (OCR) at HHS recently released guidance on the use of these tools by HIPAA-regulated entities. OCR’s guidance distinguishes between tracking on authenticated and unauthenticated websites and on mobile apps. We summarize this guidance below.

Continue Reading OCR Releases Guidance on Use of Tracking Technologies

The metaverse has been described as the “next frontier” and the “new era” of healthcare. Although still a loosely defined and relatively broad term, the “metaverse” generally refers to a shared virtual environment accessed by individuals via the Internet. Individuals generally enter the metaverse through the following four technologies: virtual reality, augmented reality, mixed reality and extended reality.  

Continue Reading Digital Health in the Metaverse: Three Legal Considerations

The digital health sector has seen tremendous growth and innovation over the past few years. This momentum introduces new complexities within the legal and regulatory landscape that is trying to
Continue Reading Top 5 Legal Issues in Digital Health to Watch for in 2022

Virginia is now the second state, after California, to pass a comprehensive privacy law. The Consumer Data Protection Act (“CDPA”) will come into effect January 1, 2023 (the same time as the modification to California’s Consumer Privacy Act (“CCPA”), i.e., the California Privacy Rights Act (“CPRA”)). While CDPA has fairly broad exemptions for entities regulated by other laws, such as HIPAA, there is also a new “opt-in” requirement for collecting “sensitive data.”
Continue Reading What Virginia’s New Privacy Law Means for Organizations in the Healthcare Industry