Congress will have to address a number of privacy issues in health legislation throughout 2016, according to attorney Kirk Nahra, of law firm Wiley Rein.
Proposed modifications to streamline or eliminate regulatory burdens of the Common Rule, the primary regulation covering federally funded research, for instance, could affect the analytics healthcare organizations perform on their own data, he says in an interview at HealthcareInfoSecurity.
What's more, he says, the privacy provisions included in the 21st Century Cures Act don't necessarily mesh with those in the Common Rule.
"My view is that those privacy provisions have not been given enough attention," Nahra says.
Under the bill that passed the House, for instance, covered entities will have much more authority to disclose information for research purposes, and in some situations may even be able to sell data, for example to drug companies that are willing to pay for it. Not so under the Common Rule, he says.
"So it's a little bit of a disconnect," Nahra says. "I'm sort of optimistic that as the bill makes its way through the Senate, that it will clean up some of these privacy provisions."
Meanwhile, the Precision Medicine Initiative includes very aggressive privacy and security proposals, more so than in nearly any other setting.
"It's sort of a utopian version of privacy in a lot of ways," he says, adding that it would include ongoing contact with the individual. The project, however, aims to collect data on 1 million individuals.
"While the privacy and security protections are very strong, the problem is that they may be too strong," Nahra says. "They might be too burdensome and unrealistic to implement in other settings."
To learn more:
- listen to the interview