Allowing unregulated apps to access patient health information could expose patient information to those it wasn’t intended for
The Confidentiality Coalition and the Workgroup for Electronic Data Interchange sent a letter to the Commerce and HHS Secretaries outlining their concerns with allowing unregulated third-party apps to get access to patient health information.
The Confidentiality Coalition is composed of a broad group of hospitals, medical teaching colleges, health plans, pharmaceutical companies, medical device manufacturers, vendors of electronic health records, biotech firms, employers, health product distributors, pharmacies, pharmacy benefit managers, health information and research organizations, patient groups, and others founded to advance effective patient confidentiality protections.
While the Health Insurance Portability and Accountability Act safeguards a specific subset of “protected health information,” the law applies only to traditional health care covered entities (CEs) and their business associates. A vast amount of health-related information does not fall within the HIPAA regulatory framework and is largely unprotected from misuse.
The coalition is urging the Departments of Commerce and Health and Human Services to take action to protect patients from inappropriate disclosures of their health information.
“We believe that for health care data exchange to occur in an interoperable manner as called for under the 21st Century Cures legislation, there must be a consistent and high level of trust among all participants, including entities that are not legally a CE or bound by a BAA,” the letter reads in part. “The deployment of effective federal policies is critical to assist in facilitating this trust framework.”