September 9, 2022

Maverick's Update

Only What Matters In Health Information Policy

Unflappable. This is the adjective that comes to mind when thinking about the great Queen Elizabeth II. No matter what or who she was faced with, for an astonishing 70 years, she was the one person we could depend upon to behave with dignity, grace, and not a little bit of stoicism in any circumstance. For Americans, who -- let’s be honest -- tend to appreciate drama, the Queen’s understated behavior could be maddening and difficult to relate to, but she will always be admired for her reliable, unwavering duty to her people -- and by extension, all of us. It makes great sense, then, that only the very best actresses were allowed to portray her in multiple movies and shows (Helen Mirren, Emma Thompson, Olivia Colman, Claire Foy, Kristen Scott Thomas). They would all say that they tried to portray the Queen despite not really knowing this intensely private woman. We explain in the One Thoughtful Paragraph below that health data is not always so private.

Other health data privacy news:

• On September 8, the FTC hosted a public forum about consumer data privacy. Given the confusing myriad of federal and state privacy laws, the FTC is seeking to address private companies’ data security and surveillance practices that may harm consumers. The agency specifically allowed commentary about its recently released Advanced Notice of Proposed Rulemaking. More here.

• A recent Venture Beat article called health care cyber and ransomware attacks a “digital pandemic.” A PwC survey reported cybersecurity among one of the top three concerns for healthcare executives and executives across all business sectors.

• Experts are saying that vulnerable patients may be at risk because of outdated technology at the Organ Procurement and Transplantation Network, a public-private partnership that allocates and distributes donor organs to individuals waiting for an organ transplant. The Washington Post, the U.S. Senate Finance Committee, and most recently, the HHS Office of Inspector General, have all criticized the network’s technology and data security oversight.

One Thoughtful Paragraph

The Royal Family announced that Queen Elizabeth II died peacefully at age 96. We will take a minute to absorb the passing of a steadfast, long-time leader, wondering how to be as unflappable as the Queen while we face ongoing changes in the health data arena. One of our constant American dramas is how we feel about the privacy of our data. While the debate heats up about whether data privacy is a civil right, one woman decided to incorporate herself to protect her data privacy. Indeed, law firms (here, here, here) and other organizations (here, here) are in a pretty constant state of updating their lists of health privacy laws. California just added to them this week when its legislature passed a bill (not yet signed by the Governor) to prohibit abortion-services-related-data from being turned over to law enforcement. California, of course, is one of the five states (CT, VA, UT, and CO) that have comprehensive data privacy laws on the books. It is the fear that California’s law would be preempted that made House Speaker Nancy Pelosi object to the federal push for a comprehensive data privacy law. What would the Queen do? She may point out that, even before she was born, the United States of America established the Federal Trade Commission, which (as we noted above) seems to be on a mission to address these data privacy issues (to the extent of its limited authority). We may have a long-term, steadfast leader in the data privacy fight after all. Keep calm and carry on?