Published: October 2021
Privacy in the modern age of technology is not limited to a set of rules that restrict or prohibit how data can be used. Rather, it is a tool for empowering individuals as they navigate increasingly sophisticated and complex systems, and for enabling innovation and growth while protecting a basic individual right.
This paper provides a comprehensive framework for building and managing a health care privacy program (also referred to throughout this paper as a health care privacy function) based on the collective insights from in-house and external privacy counsel. While this paper is not designed to comprise a generally applicable “gold standard” for a privacy program, we hope it can provide a practical framework that can be leveraged by privacy professionals in building and managing their particular health care privacy functions.
Authors:
- Jiayan Chen, Partner, McDermott Will & Emery
- Ryan Higgins, Partner, McDermott Will & Emery
- Ty Kayam, Digital Health Attorney, Microsoft Corporation
- Michael Hamilton, Chief Privacy Officer, Invitae Corporation
Disclaimer: The views, thoughts, and opinions expressed in this whitepaper belong solely to the authors and do not reflect the official policy or position of their respective organizations or any other organization with which the authors are affiliated.