E-Health, Privacy, and Security Law, Third Edition, with 2018 Cumulative Supplement

This treatise provides health law practitioners and digital health professionals with a full exploration of the legal, regulatory, transactional, and ethical issues at the nexus of health and information technology, including digital health, privacy, security, social media, HIPAA, HITECH, and more. It also includes guidance on maximizing technology to cut costs and improve marketing, all while staying compliant and avoiding penalties.



CLEAR INFORMATION on the full range of today’s digital health business and transactional law issues 

The new Third Edition includes updated chapters on the digital health industry and health information technology, as well as discussion of:

  • recent security breach settlements with HHS’s Office for Civil Rights (OCR) and their implications, as well as a new chapter on other cybersecurity developments in healthcare;
  • how health information technologies will play a key role in the shift from fee-for-service medicine to payment for quality and cost-effectiveness;
  • the European Data Privacy Regime, including the Data Protection Directive, and key changes the General Data Protection Regulation (GDPR) will bring, such as mandatory breach reporting and significant fines;
  • OCR’s Phase 2 HIPAA compliance audit program, evaluating compliance with privacy, security, and breach notification rules;
  • the impact of patient-generated health data, including that originating with mobile and wearable devices;
  • the increasing use of telemedicine, both in the U.S. and globally, and the barriers to it;
  • HHS’s imposition of civil monetary penalties (CMP) under HIPAA, as well as new actions brought by state attorneys general under the HITECH Act;
  • FDA warning letters related to social media promotion of pharmaceutical and dietary supplement products, and FDA final guidance detailing the regulatory scheme for mobile medical apps;
  • the Part 2 Regulations Proposed Rule from the Substance Abuse and Mental Health Services Administration (SAMHSA) of HHS on the exchange of substance use disorder information;
  • the Stage 3 Final Rule under the American Recovery and Reinvestment Act (ARRA) specifying the requirements that eligible professionals and hospitals must meet to qualify for Medicare and Medicaid EHR incentive payments; and
  • the FTC’s Health Breach Notification Rule (“HBNR”) and its applicability to PHR vendors, PHR-related entities, and third-party service providers.

Supplement Information    

The 2018 Cumulative Supplement includes:

  • Extensive updates on the General Data Protection Regulation (GDPR)
  • Internet pharmacies, with a brand new chapter on laws governing them, and federal, international, and private sector enforcement activities
  • Important cybersecurity laws, regulations, and guidance changes, including the issuance of SEC guidance
  • Recent breach reports, as well as information on an HHS fact sheet offering guidance on specific HIPAA compliance requirements on ransomware attacks
  • An updated analysis of the legal and market trends related to digital health
  • The Bipartisan Budget Act of 2018 with impacts on telemedicine, MACRA’s Merit-Based Incentive Payment System (MIPS), and more
  • Mobile devices and patient-generated health data (PGHD), which may not yield data in forms commonly recognized by or transmittable among EHRs
  • The Substance Abuse and Mental Health Services Administration’s (SAMHSA) issuance of an additional final rule on the confidentiality of substance use disorder records




Summary of Contents


Chapter 1. The Digital Health Explosion—An Analysis of Legal and Market Trends


Chapter 2. E-Health Industry Overview


Chapter 3. Health Information Technology


Chapter 4. Privacy, PHRs, and Social Media


Chapter 5. Privacy Issues in U.S. Health Care


Chapter 6. The European Data Privacy Regime


Chapter 7. Information Security and Breach Notification Under HIPAA and HITECH


Chapter 8. Enforcement of the Health Insurance Portability and Accountability Act of 1996


Chapter 9. E-Health Liability


Chapter 10. FDA Regulation of E-Health Technology and Services


Chapter 11. Obligations in Response to a Health Care Data Security Breach


Chapter 12. Due Diligence in E-Health Transactions


Chapter 13. Contracts in the Digital Age: Adapting to Changing Times


Chapter 14. Evaluating Antitrust Concerns in the Electronic Marketplace


Chapter 15. The Intersection of Health Law and Intellectual Property Law


Chapter 16. Allocation and Mitigation of Liability


Chapter 17. Recent Cybersecurity Developments in Health Care


Chapter 18. Legal Ethics and E-Health


Chapter 19. Telemedicine


Chapter 20. Internet Pharmacies


Appendices • Table of Cases • Index





Bloomberg BNA authors and editors are practicing professionals with insider perspectives and real-life experience.
W. Andrew H. Gantt III of Gantt Law, LLC, focuses his practice on health care and life sciences regulatory counseling, complex transactions, and strategic business advice.

