HIA responded to Senator Bill Cassidy’s (R-LA) and the Senate Committee on Health, Education, Labor & Pensions’ request for information on Improving Americans’ Health Data Privacy.
In our comments, we urged Committee members to ensure any privacy policies considered by Congress:
- Avoid duplicative regulation for entities engaged in health care delivery
- Ensure that health information continues to flow to those who need it
HIA also recognized that health information liquidity requires privacy and security and called for any health data framework to have the following attributes:
- Patient-centric
- Strong privacy protections
- Trusted and Secure
- Transparent, Flexible, Consistent, and Sustainable
- Interoperable
- Consistent Protections Regardless of Who Holds the Data
- Strong Enforcement
- Nationwide and Uniform
HIA, once again, highlighted our belief that the Health Data Use and Privacy Commission Act, which would establish a federal commission to make official recommendations to Congress, is the best path forward to generating robust federal policies.
Our comments also urged the Committee to avoid creating duplicative regulation and use the existing de-identification standards in HIPAA that are well understood and work to protect privacy.
Additionally, HIA highlighted the National Conference of Insurance Legislators (NCOIL) adoption of an HIA-drafted resolution to ensure that state consumer privacy legislation includes exemptions for health privacy laws that cover medical research, patient care delivery, and other aspects of health care that are already well regulated. We asked the Committee to examine the resolution and ensure policies considered do not impede the active use of health information to produce new treatments and cures, protect patients from harm, and ensure caregivers have accurate information to treat their patients.