WilmerHale Partner Kirk Nahra recently published the article, “Thinking About Healthcare Privacy in 2026,” in the April 2026 issue of Compliance Today, a publication of the Health Care Compliance Association. The key takeaways from the article are as follows:

• Healthcare privacy law is growing more complex as HIPAA’s entity-based model collides with expansive state consumer health laws and evolving definitions of “health information.”
• New state laws increasingly treat location data, inferred data, and social determinants as health data, making nearly all personal data potentially subject to heightened regulation.
• Privacy protections now conflict with other health system goals, including clinical research, AI bias mitigation, complete medical records, and effective care coordination. 
• Data security remains fragile as broad data sharing, patient access, mobile use, and information blocking rules expand exposure beyond HIPAA’s traditional safeguards. 
• Fragmented state laws and unlikely federal solutions are increasing compliance confusion.

Read the full article here.

Nahra will also speak on this topic at the HCCA Annual Compliance Institute in Orlando on April 27. Find more details on the event here.