As of 2020, nearly two-thirds of the world’s population is online. In other words, more than 4.5 billion people are searching, connecting, and sharing every single day. With so much data flying around the internet, questions about data security are bound to come up. The answers to these questions become even more important when they have to do with your health data.
When it comes to your health, privacy is everything. Of course, your doctor won’t go around discussing your health with his or her friends, but other areas of health data are less black and white. Understanding who controls your information is crucial, but it’s easy to get bogged down in the details. Don’t worry – we’re here to help guide you through the biggest changes in health data security.
Here’s everything you need to know about the security and privacy of your health data.
Gaps in HIPAA Protection
Back in 1996, the United States Congress passed the Health Insurance Portability and Accountability Act, commonly known as HIPAA. This groundbreaking piece of legislation set standards for health information in a way that would ensure privacy, promote quality care, and protect public health. Unfortunately, HIPAA can’t do it all.
Although the digitization of health records has undoubtedly improved health care, our increasingly digital world has also created gaps in data security that HIPAA does not cover. The primary issue is that HIPAA explicitly excludes health data that has been created by the patient. Though it may not seem like a big deal, this exclusion is much more relevant than you think.
For instance, many of us wear fitness or lifestyle trackers that record heart rate, activity, and even sleep data. All of this information is created by the patient — or in this case, the user — and is not protected by HIPAA. In fact, once a fitness or health tracker records your health information, the company that created the technology now owns your data.
Furthermore, in 2019, Facebook launched a Preventive Health tool with the intention of helping users advocate for their own health. However, this tool collects huge amounts of sensitive non-HIPAA health data, and Facebook has a sordid past with its users’ data security.
On the bright side, though, many lawmakers are actively working to find a way to expand HIPAA protections, which would allow patients to receive quality care while keeping their private data private.
The Role of COVID-19 in Health Data Security
In times of crisis, the government often suspends some privacy and security laws. The COVID-19 pandemic is no different, and the U.S. has made exceptions to HIPAA to protect public health. For example, state law may require that hospitals disclose private health data of those infected with the COVID-19 virus to public health officials.
Additionally, telemedicine has become increasingly common over the last several months. Under normal circumstances, data security dictates that all telemedicine platforms must be HIPAA compliant. However, the U.S. Department of Health and Human Services (HHS) has announced that it will not enforce HIPAA compliance for telehealth platforms during the coronavirus pandemic.
During such a hectic and vulnerable time, use of non-HIPAA platforms can be risky. Fortunately, many health care providers continue to use platforms that are HIPAA compliant and ensure data security.
Ensuring Your Health Data Security
In an age that’s becoming more digital by the day, it’s crucial to digitally process medical information. Digitization can improve a patient’s overall care by increasing access and promoting relevant communication. However, digital health data isn’t always as secure as we’re led to believe. Specifically, when the patient creates his or her own health information — such as heart rate data collected by a smartwatch — the data is not covered under HIPAA and is thus fair game for the companies that have access to it.
Lawmakers are in the process of creating legislation to promote privacy and ensure data security, but until our laws catch up to technology, understanding where your health information is stored and who has access to it is essential for ensuring your data security.