In the recent article, Why health care privacy is a mess — and why it isn't likely to get better soon, Partner Kirk Nahra discusses navigating the complex landscape of health care privacy — from HIPAA to modern challenges.
Since the early 2000s, health care privacy has been primarily associated with the Health Insurance Portability and Accountability Act (HIPAA). However, HIPAA was originally designed to address health insurance portability and standard electronic transactions, with privacy as a secondary concern. The HIPAA privacy rule, crafted by the Department of Health and Human Services, applies to specific entities and situations, but it was never intended to be a comprehensive health information privacy law. Over time, the expansion of non-HIPAA health data, such as data from mobile apps, wearable technologies, and health information websites, has created significant privacy concerns due to the lack of regulatory framework. Additionally, overlapping state laws and new regulatory activities have further complicated the landscape, making it challenging to develop a cohesive and effective health care privacy system. Despite ongoing debates about national privacy legislation, the current legal complexity continues to pose challenges for medical research, public health, and the integration of artificial intelligence in health care. There is a need for thoughtful consideration and cohesive policy to address these issues and ensure effective privacy protections while supporting the health care system.
Read the full article here, which was first published by IAPP.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
