I have taken part in any number of data collection and privacy panels at which the US indifference to privacy protection has been given as a norm. It is always qualified, however, by references to certain specific areas including HIPAA. I have not had the curiosity until now to look this up and see that this is the Health Insurance Portability and Accountability Act 1996 – I was aware that it was to do with medical information, but knew no more than that.
HIPAA imposes significant duties on hospitals and health professionals to preserve the privacy of patient data, imposing serious duties and penalties. That includes liability for breach notification unless there is a low probability that the protected health information
has been compromised. That this is serious stuff is shown from the fact that Walgreens were ordered to pay $1.44m for an alleged HIPAA violation.
With effect from 23 September, the HIPAA Omnibus Final Rule extends these obligations to a much wider range of organisations, giving new rights and new protections to patients in respect of their data.
ZyLAB has devoted a webinar to this and to analagous provisions in the Affordable Care Act. The webinar title is ACA Reporting and the HIPAA Omnibus Final Rule. The participants are Ken Raschbaum, a specialist in health information privacy and data protection as well as the eDiscovery challenges which arise from them, and Johannes Scholtes of ZyLAB, who shows how technology can help mitigate legal risks and reduce the costs of health information governance including the risk of regulatory and internal investigations, audits or litigation. ZyLAB’s Mary Mack moderates.
This is an on demand webinar which you can access here.