EHR CEO urges hospitals to oppose HHS data-sharing bill

(Jan 24, 2020) Electronic health record company Epic Systems is urging leaders of the country’s largest hospitals to oppose rules proposed by the U.S. Department of Health and Human Services that would make it easier to share patient information, CNBC reports. In an email to CEOs and presidents of hospital systems, Epic CEO Judy Faulkner asked recipients to sign a letter voicing opposition and stated concern that patients will "lose control of their confidential health information." Meanwhile, according to an ... Read More

Google CEO vows to protect privacy with health AI

(Jan 23, 2020) Alphabet and Google CEO Sundar Pichai has promised the tech company will uphold privacy while it explores the use of artificial intelligence in the health care space, CNBC reports. After discussing his support of AI regulations earlier in the week, Pichai said Wednesday at the World Economic Forum, “When we work with hospitals, the data belongs to the hospitals.” Google's foray into health care innovation has come under fire in recent months following privacy concerns raised by "Project Nighting... Read More

Advocacy group urges OCR, Minn. lawmakers to boost patient privacy

(Jan 22, 2020) HealthITSecurity reports Citizens Council for Health Freedom wants the U.S. Department of Health and Human Services' Office for Civil Rights and Minnesota lawmakers to preserve patient privacy rights in the wake of big tech companies' health data deals. CCHF is asking OCR to reconsider patient consent policies under the Health Insurance Portability and Accountability Act while urging state lawmakers to uphold the Minnesota Health Records Act's consent provisions. “What emerges from this mass col... Read More

Hospitals give tech companies access to medical records

(Jan 21, 2020) Hospitals have given technology companies, including Microsoft, IBM, Amazon and Google, access to patients’ digitized medical records under deals for research, development and product pilots, The Wall Street Journal reports. Patient data can be shared if hospitals follow federal privacy law, and hospital officials said they have implemented safeguards for patient protection. Under the Health Insurance Portability and Accountability Act, hospitals have to notify patients about data uses but do no... Read More

Privacy, security among focuses for HHS IT strategy

(Jan 16, 2020) The U.S. Department of Health and Human Services has released its proposed "Federal Health IT Strategic Plan" for 2020 through 2025, HealthITSecurity reports. Drawn up with the Office of the National Coordinator for Health Information Technology, the strategy seeks to improve patient privacy by putting "individuals first" and empowering them more through data- and consent-driven health apps and IT research. "ONC, along with our partners across the federal government, strive to promote a health I... Read More

Survey: Health plan sponsors struggling with HIPAA compliance

(Jan 15, 2020) Many health plan group sponsors are struggling with Health Insurance Portability and Accountability Act compliance and are not prepared for a HIPAA audit, according to findings from a survey by HR and benefits consulting firm Buck, HealthITSecurity reports. Of those surveyed, 39% conducted a review or update of their HIPAA privacy and security policies within the last year, 13% did not know when policies were last updated, and 48% had not conducted a review within the past one to five years or m... Read More

Report: 1B medical images exposed online

(Jan 13, 2020) Storage systems at hundreds of hospitals, medical offices and imaging centers are exposing more than 1 billion medical images of patients online, TechCrunch reports. Half of all exposed images, including X-rays, ultrasounds and CT scans, are of patients in the United States. Germany-based security firm Greenbone Networks has been monitoring the exposed servers, and Chief Marketing Officer Dirk Schrader said, “The amount of data exposed is still rising.” Meanwhile, a Wall Street Journal analysis ... Read More

UK shifts to biometric logins for NHS data

(Jan 9, 2020) Biometric Update reports the U.K. has committed 40 million GBP to installing biometric logins for National Health Service databases. The multifactor authentication, which will include fingerprint scans, among other biometric scans, aims to help expedite and simplify logins for NHS staff members, who have complained about previous login procedures. "This investment is committed to driving forward the most basic frontline technology upgrades, so treatment can be delivered more effectively and we c... Read More

Study: Health tech hindered by privacy, infosecurity concerns

(Jan 9, 2020) A study conducted by consulting firm Kantar shows consumers are wary of adopting health technology because of potential privacy and security issues, HealthITSecurity reports. A poll of 1,000 Americans found only 38% of people trust health tech's ability to protect sensitive information. Additionally, 60% of respondents cited general privacy concerns when asked why they don't use fitness trackers or health tech platforms. Meanwhile, WTOC reports the U.S. Attorney for the Southern District of Geor... Read More

OCR announces $65K settlement for HIPAA Security Rule violations

(Jan 2, 2020) The U.S. Department of Health and Human Services' Office for Civil Rights announced it has reached a $65,000 settlement with West Georgia Ambulance over alleged violations of the Health Insurance Portability and Accountability Act Security Rule. The agency launched an investigation after a breach report was filed over the loss of an unencrypted laptop that contained the protected health information of 500 patients. Meanwhile, Bloomberg Law takes a look at how privacy laws and trends may impact h... Read More