The United States must answer three important questions as it moves forward to protect patient data, according to attorneys with the healthcare group at law firm Crowell & Moring.
In a report published by Bloomberg BNA, Jodi Daniel, Elliot Golding and Jennifer Williams address the next steps necessary for following up a recent report from the Office of the National Coordinator for Health IT outlined gaps between HIPAA protections and mHealth technologies.
Questions that must be asked, they say, include:
- Why develop standards and requirements?
- What should those standards be and who should develop them?
- How should organizations be held accountable?
While the benefits to consumers seem obvious, businesses, too, will benefit from more certainty about what the law applies to and what they can and cannot do, the attorneys say. Companies also will gain when consumers better understand their privacy protections, as people will be less leery of participating in new technologies due to privacy concerns and know their rights regarding access to their data.
Newly crafted standards, they continue, should draw upon existing privacy frameworks, ensure compatibility with HIPAA, and address expectations of both consumers and providers. They also should take into account how these rules might hinder the usefulness of services being offered or inhibit innovation.
Given the time it takes the government to act, a better enforcement mechanism might be an accreditation program or a seal of approval program backed by the Federal Trade Commission’s existing authority, the attorneys say.
To learn more:
- read the report