Senate privacy bill aims to set new federal standard for consumer health apps

Sens. Amy Klobuchar (D-Minn.) and Lisa Murkowski (R-Alaska) have introduced a bill that would create new privacy regulations protecting consumer health data collected through health tracking apps, fitness wearables and direct-to-consumer DNA testing kits.

The bill, introduced June 14, would set a new federal standard for biometric consent, the Senators said.

“New technologies have made it easier for people to monitor their own health, but health tracking apps and home DNA testing kits have also given companies access to personal, private data with limited oversight,” Klobuchar said in a statement. “This legislation will protect consumers’ personal health data by requiring that regulations be issued by the federal agencies that have the expertise to keep up with advances in technology.”

RELATED: Collection, use of consumer data puts sensitive health information at risk, groups say

The topic of consumer data privacy is heating up, both on and off the Hill. Facebook recently came under fire for its privacy policies after a complaint filed with the Federal Trade Commission accused the social media company of exposing users’ sensitive health data. Facebook has since made privacy changes to its platform when it comes to users discussing health conditions or sharing health information in closed groups.

An investigation by The Wall Street Journal published last week also revealed that apps tracking sensitive information are sending that data back to Facebook, unbeknownst to the people using those apps, and the Washington Post reported that a pregnancy tracking app has been selling user data to employers.

Current laws and regulations, including the Health Insurance Portability and Accountability Act (HIPAA) do not adequately address the emerging privacy concerns presented by these technologies, Klobuchar and Murkowski said.

The legislation requires the Secretary of Health and Human Services (HHS) to promulgate regulations for genetic, biometric and personal health data that are not regulated by existing laws and ensure that the new regulations take into account appropriate standards for consent.

RELATED: Complaint to FTC accuses Facebook of exposing sensitive health data in groups

The measure also would create a national task force to evaluate cybersecurity risks and privacy concerns associated with consumer products that use personal health data. It also would give consumers the ability to navigate their health data privacy options, including deleting personal health data that companies collect or use.

"This legislation takes important steps to ensure guidelines are created for security and privacy protections of modern health information. Our policies must evolve to keep up with advancements in recent technology," Murkowski said in a statement.

Consumer Reports, which supports the bill, said the current legal framework for privacy around health data is out of date and incomplete.

"Protecting the legal right to privacy for users of new health technology is about ensuring consumers have the freedom to take advantage of promising new health technology without losing the right to privacy or facing harm such as discrimination,” Dena Mendelsohn, senior policy counsel for Consumer Reports, said in a statement.