The health record interoperability dilemma

(Aug 14, 2019) An ongoing U.S. Department of Health and Human Services rulemaking seeks to increase the interoperability of electronic health records (there are two related rulemakings: one by the Centers for Medicare & Medicaid Services and one by the Office of the National Coordinator for Health Information Technology). The comment period for both rulemakings has closed. While increased interoperability is generally a good thing, as well as something required by the 21st Century Cures Act, it also prese... Read More

Op-ed: The health record interoperability dilemma

(Aug 14, 2019) An ongoing U.S. Department of Health and Human Services rulemaking seeks to increase the interoperability of electronic health records. Though the comment period for both rulemakings has closed, Bob Gellman foresees that increased interoperability will create a privacy dilemma. "Patient access to interoperable health records is good, but making those records readily available to patients will lead to widespread commercial access and use outside the health care system," he writes. In this post fo... Read More

State attorneys general implore Congress to refer to HIPAA amid opioid crisis

(Aug 12, 2019) The U.S. National Association of Attorneys General has pressed Congress on a change to patient privacy rules to help the fight against opioid use in the U.S., GovInfoSecurity reports. Thirty-nine state attorneys general joined on a NAAG letter to the House and Senate asking for current privacy rules on addiction to be replaced by the Health Insurance Portability and Accountability Act. The switch to HIPAA rules would allow patient information, including information on addiction treatment, to be ... Read More

ACCC, health platform head to court over alleged improper data use

(Aug 8, 2019) ZDNet reports the Australian Competition and Consumer Commission has initiated proceedings in a Federal Court over alleged misused data by health booking platform HealthEngine. The ACCC claims HealthEngine sold the personal information of 135,000 patients without their consent. Names, phone numbers, email addresses and birth dates were involved in the alleged sale. "Patients were misled into thinking their information would stay with HealthEngine but, instead, their information was sold off to i... Read More

37K Australians have personal information exposed in breach

(Aug 8, 2019) Neoclinical, a Sydney-based medical research and product development firm, has announced a data breach involving the personal information of 37,000 Australians, The Sydney Morning Herald reports. Contact information was exposed along with responses to personal medical questions that determine qualifications for clinical trials, which included information about diagnoses, drug use and treatments. "A U.S. cyber security company which trawls the internet looking for data access found a way to get a... Read More

European Parliament's report covers GDPR's impact on scientific research rules

(Aug 8, 2019) The European Parliament Panel for the Future of Science and Technology released a report last month on the impact the EU General Data Protection Regulation has on scientific research rules. The panel finds the GDPR will likely improve several aspects of scientific research, such as data security, regulatory clarity around data processing and data processor responsibilities and data subject trust. The report notes there are still some “regulatory ambiguities” around how it applies to research. In... Read More

Judge gives preliminary approval to $74M Premera Blue Cross data breach settlement

(Aug 7, 2019) U.S. District Judge Michael Simon gave preliminary approval to a proposed $74 million settlement tied to Premera Blue Cross’s 2014 data breach, HIPAA Journal reports. The settlement includes $32 million for victims to cover claims for damages. Of that $32 million figure, $10 million will cover any costs incurred that were a result of the breach. Premera will use the remaining $42 million to improve its security practices over the next three years. “Improved data security benefits all class membe... Read More

VA OIG report shows holes in security, privacy for patient information

(Aug 2, 2019) A recent study published by the U.S. Department of Veterans Affairs Office of Inspector General has revealed issues related to the privacy and security of patient information at a VA medical center in California. The report highlighted vulnerabilities with the facility's medical devices and unauthorized, unsecured shortcuts staff members use for transferring and integrating patient device information into the center's electronic health records. "This OIG report highlights that operational consid... Read More

Health tech startup offers answer to surveillance issues at care centers

(Aug 1, 2019) U.K. health tech startup Karantis360 has proposed the use of sensors instead of surveillance in elderly care centers to alleviate privacy concerns, Healthcare IT News reports. U.K. Health Secretary Matt Hancock recently called for surveillance cameras to be mandatory in centers, but Care Quality Commission Chief Inspector of Adult Social Care Kate Terroni believes "consideration must be given to important matters such as individual rights to privacy and dignity." Karantis360 has suggested the us... Read More

AI lab's health tech development comes with privacy concerns

(Aug 1, 2019) The New York Times reports privacy red flags are being raised about a research paper by London-based DeepMind Health, Google's artificial intelligence research company. Published in Nature, the paper focuses on new health technology that is capable of automatic diagnosis of acute kidney injury. The paper said the new tech is based on a system that analyzes various data, including blood tests, vital signs and past medical history. Privacy concerns are being raised, however, regarding the use of t... Read More