Report Briefs Policymakers on Security Gaps
Consumers Union and the Center for Democracy & Technology have jointly written a policy brief on ways to strengthen privacy and security of health information while supporting information exchange.
Advocacy groups Consumers Union and the Center for Democracy & Technology have jointly written a policy brief on ways to strengthen privacy and security of health information while supporting information exchange. The authors offer to policymakers seven ways to address gaps in existing protection of health information:
* All business entities that access, use or disclose protected health information should be accountable under law.
* Accountability for compliance with federal and state laws should be strengthened.
* Laws protecting electronic health data should be reassessed. The HIPAA Security Rule, for instance, does not require encryption.
* Rules on use of PHI for marketing purposes should be strengthened.
* Policymakers should give more clarity on how entities are to comply with health privacy laws.
* Policymakers should ensure standards for de-identifying health data remain robust and establish penalties for inappropriate or unauthorized re-identification.
* Data sharing models that favor decentralization and local control should be prioritized.
The policy brief, “Achieving the Right Balance: Privacy and Security Policies to Support Electronic Health Information Exchange,” also includes a set of principles for maximizing HIE while securing data. A cross section of California stakeholders developed the principles in 2010. The brief is available here.
* All business entities that access, use or disclose protected health information should be accountable under law.
* Accountability for compliance with federal and state laws should be strengthened.
* Laws protecting electronic health data should be reassessed. The HIPAA Security Rule, for instance, does not require encryption.
* Rules on use of PHI for marketing purposes should be strengthened.
* Policymakers should give more clarity on how entities are to comply with health privacy laws.
* Policymakers should ensure standards for de-identifying health data remain robust and establish penalties for inappropriate or unauthorized re-identification.
* Data sharing models that favor decentralization and local control should be prioritized.
The policy brief, “Achieving the Right Balance: Privacy and Security Policies to Support Electronic Health Information Exchange,” also includes a set of principles for maximizing HIE while securing data. A cross section of California stakeholders developed the principles in 2010. The brief is available here.
More for you
Loading data for hdm_tax_topic #better-outcomes...