Becker's Healthcare November 22, 2019
Andrea Park

Despite the widespread expectation that HHS and HIPAA protect patients from unauthorized data-sharing like that of Google and Ascension’s “Project Nightingale,” technology has advanced far beyond the boundaries of the 1996 law, The Wall Street Journal reports.

“We have these enormous gaps in our regulatory framework,” Deven McGraw, a former HHS official, now chief compliance officer for health tech startup Ciitizen, told WSJ. “It was never intended to cover the universe and as that universe expands, it looks less and less adequate.”

Project Nightingale, for instance, does not violate HIPAA: The law allows healthcare providers’ business partners to handle patient records so long as they protect the data from misuse or unauthorized disclosure. Patient permission is not required for data-sharing...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, Health System / Hospital, HHS, HIPAA, Physician, Provider
Related Articles:
If data is the new oil, there’s going to be war over it
Epic cuts data access to startup over alleged misuse
Health records giant Epic cracks down on startup for unauthorized sharing of patient data
2023 in Review: The Rise of Healthcare Data Privacy Regulations
96% of hospitals share website data: Study

Share This Article