As more consumers share healthcare data online, laws regarding data privacy and protection must expand to protect the information being shared, writes IIT Chicago-Kent College of Law Professor Lori Andrews.
In a commentary published recently in the Chicago Tribune, Andrews says she believes a good majority of consumers are not aware of the growing numbers of data aggregators collecting such information without their consent. To that end, she says, it’s time regulations, such as HIPAA, be expanded to close loopholes.
“Those privacy protections apply to information in the hands of healthcare professionals and healthcare institutions, but the health information you reveal on social media, in emails, through web searches or via apps is fair game for data aggregators,” Andrews says.
She notes that IIT Chicago-Kent College of Law evaluated more than 200 apps diabetes for diabetes management and that 77 percent disclosed private information to third parties
“That means most of us are at risk,” Andrews says. “Now that medical information has moved online, the law should follow it."
She recommends states follow California’s lead to enact legislation providing HIPAA-level protection to online health data. That law, which requires "medical apps to meet "the same standards of confidentiality required of a provider of healthcare," went into effect in January 2014.
For more information:
- read Andrews’ commentary at the Chicago Tribune
- here's the California law