What is Snowden’s Impact on Health IT?

To view the full article, please visit What is Snowden’s Impact on Health IT?

This is a highly interesting article about the effect of Edward Snowden’s actions on health IT. In the interview with PPR’s own Dr. Deborah Peel, the issues of privacy that our government is currently facing can also be applied to the healthcare industry. As Dr. Peel aptly states, “The Department of Health and Human Services claims its actions are justified to lower healthcare costs. These are obviously very different agencies collecting different kinds of very sensitive personal information, but both set up hidden, extremely intrusive surveillance systems that violate privacy rights and destroy trust in government.”

A key argument that Dr. Peel makes is “The benefits of technology can be reaped in all sectors of our economy without the harms if we restore/update our laws to assure privacy of personally identifiable information in electronic systems. Our ethics, principles, and fundamental rights should be applied to the uses of technology.”

Cloud Computing: HIPAA’s Role

The below excerpts are taken from the GOVinfoSecurity.com article Cloud Computing: HIPAA’s Role written by Marianne Kolbasuk McGee after the January 7, 2013 Panel in Washington D.C.: Health Care, the Cloud, & Privacy.

“While a privacy advocate is demanding federal guidance on how to protect health information in the cloud, one federal official says the soon-to-be-modified HIPAA privacy and security rules will apply to all business associates, including cloud vendors, helping to ensure patient data is safeguarded.

Joy Pritts, chief privacy officer in the Office of the National Coordinator for Health IT, a unit of the Department of Health and Human Services, made her comments about HIPAA during a Jan. 7 panel discussion on cloud computing hosted by Patient Privacy Rights, an advocacy group…

…Deborah Peel, M.D., founder of Patient Privacy Rights, last month sent a letter to the Department of Health and Human Services’ Office for Civil Rights urging HHS to issue guidance to healthcare providers about data security and privacy in the cloud (see: Cloud Computing: Security a Hurdle).

“The letter … asks that [HHS] look at the key problems in cloud … and what practitioners should know and understand about security and privacy of health data in the cloud,” Peel said during the panel.”

OCR Could Include Cloud Provision in Forthcoming Omnibus HIPAA Rule

The below excerpt is from the Bloomberg BNA article OCR Could Include Provision in Forthcoming Omnibus HIPAA Rule written by Alex Ruoff. The article is available by subscription only.

“The final omnibus rule to update Health Insurance Portability and Accountability Act regulations, expected to come out sometime early this year, could provide guidance for health care providers utilizing cloud computing technology to manage their electronic health record systems, the chief privacy officer for the Office of the National Coordinator for Health Information Technology said Jan. 7 during a panel discussion on cloud computing.

The omnibus rule is expected to address the health information security and privacy requirements for business associates of covered entities, provisions that could affect how the HIPAA Privacy Rule affects service providers that contract with health care entities, Joy Pritts, chief privacy officer for ONC, said during the panel, hosted by the consumer advocacy group, Patient Privacy Rights (PPR).

PPR Dec. 19 sent a letter to Health and Human Services’ Office for Civil Rights Director Leon Rodriguez, asking the agency to issue guidance on cloud computing security. PPR leaders say they have not received a response…

…Deborah Peel, founder of Patient Privacy Rights, said few providers understand how HIPAA rules apply to cloud computing. This is a growing concern among consumer groups, she said, as small health practices are turning to cloud computing to manage their electronic health information.”