Medscape November 18, 2025
Almost half of US states have passed comprehensive consumer data privacy protections that go beyond the federal health privacy rules known as the Health Insurance Portability and Accountability Act (HIPAA).
The legislative push aims to close a widening security gap as more care, communication, and personal data move online — and beyond HIPAA’s limited scope.
While the laws are designed to protect consumers, they’re also reshaping expectations around how healthcare organizations should handle non-HIPAA-protected data in an increasingly digital landscape.
Much of the shift stems from the growth in telehealth, apps, and direct-to-consumer (DTC) health services, where HIPAA-covered environments like patient portals aren’t the norm.
Consumer health data accumulates quickly. Consumers might search their symptoms online, enter their vitals into a fitness...







