Karen Mandelbaum, Senior Counsel in the Health Care & Life Sciences practice, in the firm’s Washington, D.C. office, was quoted in Modern Healthcare, in “Interoperability Rule Exposes Gaps in Protecting Privacy,” by Michael Brady. (Read the full version – subscription required.)

Following is an excerpt:

The Trump administration’s new interoperability and data blocking rules will give patients long-overdue access to their health information, but it could come at the expense of privacy since consumers will bear more responsibility for protecting their data under a “buyer beware” standard.

When Congress passed the 21st Century Cures Act in 2016, it directed HHS to force insurers and providers to adopt standardized application programming interfaces—APIs—to make it easier for doctors, hospitals, insurers and patients to share health information. HHS proposed rules, released in February 2019, meet with fierce resistance from some corners of the industry, especially on privacy. …

More to the point, HIPAA was designed in 1996 for insurers and providers when most health information was inside the traditional healthcare system. Now there’s more health-related data outside of it and expanding HIPAA protections to apps, wearables, websites and other consumer-facing products and services could prove unworkable. Even the definition of interoperability has changed since 2004 when it was first discussed.

“Interoperability has taken on a new dimension by including . . . these third-party applications as part of the healthcare ecosystem,” said Karen Mandelbaum, senior counsel for Epstein Becker Green. “We didn’t have third-party apps (in 2004).”

Jump to Page

Privacy Preference Center

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.