Technology has transformed and disrupted long standing industries as well as created new industries along the way. The digital revolution in the healthcare industry appears to have been long promised but much delayed. There may be a number of understandable reasons why the wheels have not turned so quickly. For instance, unlike say the financial services industry which is private sector led, the healthcare industry has obvious public sector touch points which can make any sort of change slower. But just as information about an individual’s bank balance or salary is considered confidential, so a person’s health information is particularly sensitive, both in a legal sense (because health information is categorised as sensitive under EU data protection law) but also in an obviously everyday sense – people feel that their health information (in most but not all circumstances) is private.
On July 27th, the Department of Health and Human Services (HHS) and the Federal Trade Commission (FTC) announced settlements with Rite Aid Corporation for the improper disposal of personal information — including prescriptions and labeled pill bottles containing identifiable information about Rite Aid customers, and employment applications — in publicly accessible dumpsters in a variety of cities across the country.
This summer New Hampshire enacted two laws that increase protection for health information. The first, H.B. 619, restricts the use of health data for marketing and fundraising purposes, and imposes new state data breach notification requirements on health care providers, including pharmacists. The second, H.B. 542, establishes a framework for health information exchange entities (HIEs) and requires that individuals be permitted to […]
With the compliance date for the federal health data breach notifications in the HITECH Act looming, more states are amending their data breach notification statutes to cover health information. The possible trend is evident in the newly-enacted laws of three states – Missouri, New Hampshire and Texas – all of which have been enacted since June 2009. […]