Health IT Security April 12, 2022
WEDI and the Confidentiality Coalition proposed recommendations for improving the transparency, security, and privacy of third-party health apps with access to PHI.
Third-party health applications fall outside HIPAA’s purview, positioning them in a regulatory gray area where transparency, security, and privacy obligations are left open to interpretation. Consumers may not realize that the way third-party apps choose to use their health data is largely up to individual companies rather than predetermined regulations.
The Federal Trade Commission (FTC) and state Attorneys General have tried to fill the gaps and enforce against health apps that fail to adequately inform users how their health data will be used.
“But that is really a stop-gap measure,” Linda Malek, partner at Moses & Singer and chair...