As this decade begins, Americans are increasingly apprehensive about the privacy of their personal information. Nowhere is this issue more important than in regard to health data, a type of information that can contain extremely personal details about an individual. Enacted in 1996, the Health Insurance Portability and Accountability Act (HIPAA) is the primary law that protects health data in the United States. But HIPAA was adopted in a world where most health data was held either by or on behalf of traditional healthcare providers or health plans.
The health data industry is changing rapidly and available electronic data pertaining to an individual’s health status is growing at an exponential pace. The expanded availability of health data—while often beneficial to consumers, patients and marketplace competition—is also outpacing the development of regulatory safeguards to protect the public. The concerns are particularly heightened when it comes to health data, which can contain extremely sensitive details. Today, companies that operate mobile apps, search engines, social media platforms and health-oriented websites can have more health information about many of their users than a hospital has about most of its patients. Yet these technology companies typically are not subject to HIPAA or other health privacy laws.
Please see full publication below for more information.