When the Health Insurance Portability and Accountability Act of 1996 (HIPAA) was first enacted, there were no smartphones or social media websites that had the potential to uncover your health care data.
Today, however, if you give a smartphone app permission, HIPPA’s privacy policy no longer applies to the permitted shared data.
“That data can then be used and reused and sent to other people, and all kinds of things can happen to that data that you can’t use in the HIPPA context and the covered entity context,” Joel White, the executive director of Health Innovation Alliance (HIA), recently told Patient Daily.
HIA wants to see federal laws change with the times to make patient privacy more secure.
“HIPPA, the way of doing things from 1996, is kind of over, and the gap where some of the apps and digital tools aren’t covered by any federal law needs to be filled in,” White said. “If we use the opportunity in the gap to change HIPPA and modernize it…we can have better sharing and use of de-identified data, but we can also increase privacy and security protections so that the data is more secure and private going into the future.”
Founded in 2007, HIA is a broad-based coalition of patient groups, provider organizations, employers, and payers that supports incentives to deploy health information technology to improve quality, outcomes, and patient safety and to lower costs.
“We care about it because data is the lifeblood of health care," White said. "With it, we can spot problems and challenges, identify opportunities to lower costs and to intervene at an individual level to improve health and at a population level to improve diabetes, cardiovascular disease and other chronic illness in ways that they really improve patient outcomes. Unfortunately in health care, we’re really laggard around using technology and data to make health care work better.”
With the rise of the Internet and social media platforms such as Facebook, Twitter and YouTube, a lot of personal data is collected and used by marketers and businesses to determine how to better advertise their products. This marketing data is different than health care data, which is primarily used to save lives and improve the overall quality of life.
“Every time we post on Facebook or tweet on Twitter or look at a YouTube video, someone is tracking our movements and they are using that data to advertise to us,” White said. "That’s just a function of the modern world. When it comes to health care and whether you have cancer, HIV/AIDS or perhaps a rare pediatric condition, we expect that information to be private and held in confidence of trust. I think that there’s a huge difference between marketing data and health care data, and if health-care sensitive information is released, that has the potential to ruin reputations, harm our ability to get a job, maybe create marital problems, and certainly and if it’s hacked, can cause massive financial problems.”
White believes technology to better protect health care data currently exist, but many laws that restrict privacy settings prevent the technology from being widely used.
“The technology that we have today to encrypt, deidentify, (and) to use technologies like blockchain can make this data much more secure and prevent hacking and disclosures that harm reputations or even create financial problems,” White said. “Whether that comes under HIPPA, or whether it’s consumer privacy protections…there are technologies that can achieve the ends of those laws in a much better way.
"The challenge is that our laws haven’t kept pace with the technology, and so we’re trying to change the laws and the framework that allow for better privacy, better security around that data, so that consumers can enjoy both the benefits of having their data used to make health care work better, and at the same time enjoy greater privacy and greater security.”
