• Julie Barnes

June 19, 2020

Maverick Health Policy

Only What Matters On Health Information Policy

If no one is listening to your great ideas about how to fix the health care system, the federal government is your new best friend.

  1. Health systems will have a report to review soon to help them decide what certified health IT products to buy. The Office of the National Coordinator for Health IT (ONC) contracted with the Urban Institute, and its subcontractor, HealthTech Solutions, to develop an EHR Reporting Program to provide publicly available, comparative information on certified health IT products. ONC is soliciting comments until August 10 on draft criteria for the Electronic Health Record Reporting Program. Submissions accepted here.

  2. The Federal Trade Commission (FTC) is requesting public comment on its Health Breach Notification Rule -- the one created to make sure that vendors notify people when their personal health records are accidentally disclosed or stolen. By August 20, the FTC is hoping to hear from stakeholders about several topics, including what changes should be made to the rule and how it overlaps or conflicts with additional federal, state, or local laws.

  3. U.S. Senate HELP Committee Chairman Lamar Alexander is looking for comments by June 26, on his Post-Pandemic Recommendations, including how to handle the tricky privacy issues between HIPAA v. non-HIPAA health data and the need to improve public health data systems.

One Thoughtful Paragraph

As we try to get back to work safely and otherwise begin resuming normal life, mask-wearing is the only solution that doesn’t invoke a privacy debate. Employers and states want to use virus tracking apps, community health providers need to share information, and people are showing up at random test sites in parking lots to make sure they don’t have COVID-19 -- but all of the links in this sentence are about the privacy problems associated with these activities. Unfortunately, Congress is only considering how to muddy the waters (the Washington Post aptly calls it a “scramble to adopt new privacy protections”). Rather than create a comprehensive, long-term data policy that encourages necessary modern tools while protecting the privacy and security of information, there are three leading, well-intentioned proposals (here, here, here) that will temporarily create a confusing set of rules. Maverick Health Policy understands that HIPAA doesn’t cover many of these new data-tracing apps, but the solution is NOT to create a new cafeteria of privacy rules. Not only would these laws be time-limited to address COVID-19 issues, but (and we are generalizing for the sake of one-thoughtful-paragraph limitations) people would be allowed to “opt-out” or revoke consent for legitimate public health needs (um, how is THAT helpful?), states would be allowed to enforce privacy laws according to their own Attorney General’s version of what is best (so… your health data is protected in Minnesota but not when you visit your family in Texas?) and will create a wonderful new way for plaintiff’s attorneys to buy that new boat they’ve been eyeing because there is a private right of action baked into some of these proposals. Thankfully, there are organizations and coalitions hard at work to develop policies that make more sense.

50 views0 comments

Recent Posts

See All

Maverick's Update Only What Matters In Health Information Policy Now that we have a president who resembles a cardboard box more than a one-man hurricane, we are seeking our current news event drama

Maverick's Update Only What Matters In Health Information Policy On April 27, 2022, the HHS Office of National Coordinator for Health Information Technology (ONC) celebrated its 18th birthday. ONC sha

Maverick's Update Only What Matters In Health Information Policy It is no secret that trying to fix the healthcare system is challenging. When things are complicated, it is helpful when people articul