The new chief privacy officer for the Office of the National Coordinator for Health IT says that she is always trying to look ahead and understand where technology is going and what it means for privacy and security.

Speaking with Health Data Management on Wednesday, Lucia Savage said she runs her own shop but plans to work collaboratively across the Department of Health and Human Services to achieve a variety of goals. Right now, she has two main items coming down the pipeline.

Also See: Feds Update HIPAA Privacy, Security Guidance

Savage’s office is looking ahead to the privacy needs as telemedicine becomes more ubiquitous. “It’s a complicated analysis in privacy because of variances in state law,” she said. For instance, if a woman lives in Connecticut and calls her psychiatrist in New York, which states laws would then apply? “We need to sort that out,” Savage said. “I don’t have an opinion about how the answer should be. You look at that and it’s confusing.”

Her office is also looking into mobile health that is not regulated by HIPAA. ONC has a project underway with the Federal Trade Commission to develop best practices within the developer industry.

Savage said she is always trying to look ahead and a previous employer once told her the best thing an attorney can do is tell you what is coming around the corner that you had to plan for. She tries to do that from a prospective if the technology is going where we think it is, what that means for privacy and security.”

Among Savages main goals are tackling items slowing down the availably of information for patients at the point of care. “We can do a better job of giving clearer, more contemporary, practical guidance to providers in the field and to consumers about what HIPAA means,” she said.

She also plans to focus on “complex” privacy laws from the states to make sure states can accomplish their health goals and they understand if the rules environment will impede those goals. “States want better health, smarter spending and better healthcare just like we do,” she said.

While understanding that many stakeholders think privacy rules need to be changed, Savage doesn’t have a professional opinion about that. “My job is to move interoperability forward with the rules we actually have and it is up to the public and their legislators to decide if those are the right rules,” she explained.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access