Several healthcare and health IT industry groups are asking congress to rethink privacy concerns under the 21st Century Cures Act. While the good intent of the act is to easily facilitate the exchange of health information and provide patients with access to their records, many groups are concerned about patient privacy.
Medical IoT devices and their larger ecosystems provide a wealth of patient related data that ultimately produces better patient outcomes. The real issue that needs to be addressed is data ownership and control. In a data processing environment designed for frictionless interoperability, enhanced privacy and security APIs are required to maintain patient privacy and control of their data. Unfortunately, the Department of Health and Human Services’ Office of the National Coordinator for Health IT side steps the issue of privacy in their statement that health APIs “ must allow health information to be accessed, exchanged and used without special effort.”
Healthcare Info Security takes a more in-depth look at how the “Health Information Exchange Rule Raises Privacy Concerns.”