FOR IMMEDIATE RELEASE
CONTACT: Greg Johnson, 301-613-5723
WASHINGTON, DC (March 2, 2020): Health Innovation Alliance (HIA) and 15 patient, provider and technology companies today sent a letter to leadership in Congress detailing principles for new legislation to create a nationwide modern regulatory framework that governs health data privacy and interoperability.
“HIPAA was created 10 years before the iPhone was launched but we still rely on this law as the foundation for health data use and privacy. Now more than ever, we need data and technology to work for patients and providers to improve health,” said HIA Executive Director Joel White. “The new rules on interoperability and information blocking are needed first steps to this critical overhaul of our health data framework. We call on Congress to take up the challenge and modernize our laws so that our information is more secure, more protected, and more useful in curing cancer, lowering costs, addressing mental health issues and preventing illnesses like Coronavirus.”
The principles included in the letter:
- Patient-Centric. The framework allows patients to access and retrieve their health data, to know how their health data are used, and to manage, direct, and audit their data.
- Strong Privacy Protections. Health data is protected by clear and strong privacy rules that ensure that only those who need to know or who are authorized (either by the individual or by law) can access and use individually identifiable health information.
- Trusted and Secure. Any entity that handles health data must comply with reasonable administrative, physical, and technical safeguards to improve health data accuracy, security and reliability. Entities should use a method for private unique identification to ensure security and accuracy of individual records.
- Transparent, Flexible, Consistent, and Sustainable. All actors know their rights, responsibilities, restrictions, and repercussions for bad acts. The framework is technology neutral in order to support and allow for private sector innovation. Market incentives drive creation, adoption, and use of tools across different settings and devices.
- Interoperable. Health data is electronically and effortlessly shared – from the hospital bedside to a wearable device at home – with the healthcare professionals, technologists, patients, caregivers and others who need to have it to treat, test, pay, coordinate, and improve care along the healthcare continuum. Key considerations should be made to improve care delivery, quality improvement, value and outcomes, and advance scientific understanding to produce better treatments and cures for diseases.
- Consistent Protections Apply to the Data Regardless of Who Holds the Data. Consistent protections apply to health data based on the intended health care use regardless of what entity handles the data. This promotes clarity and ensures that any entity who uses protected data is covered by the same rules.
- Enforcement Incents Better Privacy and Data Stewardship. Entities who do not meet strong security protocols, or who inappropriately use or disclose patient health data face strict penalties, including civil and criminal penalties. These penalties become more severe the greater the level of risk and actual harm to an individual, including financial and reputational harm.
- Nationwide and Uniform. All patients receive the same high level of protection regardless of where they are, or where their data are stored, used, or shared. The framework is enforced at the federal level and resources are provided to ensure robust enforcement and compliance.
About Health Innovation Alliance:
HIA is an organization of patient groups, provider organizations, employers, insurers, and startup innovators committed to transforming healthcare. The Health Innovation Alliance exists to improve healthcare by advancing healthcare connectivity, unlocking the abundance of useful data in our healthcare system, modernizing data privacy, and fundamentally redefining care delivery. Learn more at Health-Innovation.org.