Alaap B. Shah, Member of the Firm in the Health Care & Life Sciences practice, in the firm’s Washington, DC, office, was quoted in the HCPro “Briefings on HIPAA” newsletter, in “Just Say ‘Yes’: Government Putting Patients at the Center of Records Access Requests,” by Dom Nicastro.

Following is an excerpt:

Having Strong Data Governance

Alaap B. Shah, an attorney who specializes in healthcare and life sciences for Washington, D.C.–based Epstein Becker Green, says organizations can prepare for the new world of patient access by becoming good at data governance. Patients will soon have all the power, and saying “no” or “we’ll get you that request in 30 days” will no longer be acceptable, he says.

“The whole idea is giving life to what is said in the 21st Century Cures Act in terms of using all this data that’s being amassed in these various places, empowering the patient at the center of that, and fostering a culture where data flows more freely out of the traditional context into the more innovative sectors,” Shah says.

This innovation sector could be from app develop­ers in Silicon Valley or just places where people might be trying to get access to this information to gain insights, he adds.

One of the best things organizations can do to anticipate changes empowering patients is proactively positioning themselves to deal with data governance issues, according to Shah.

This is about “having data flow from point A to B,” he says. Shah adds that “a lot of that will require refining existing compliance programs and data gover­nance programs or building them from scratch.”

Healthcare organizations need to think about becoming “data stewards” and developing organiza­tional structures to deal with data governance and data asset management.

“From the top levels down, starting from the board all the way through the leadership down to the staff and personnel, organizations need to develop policies around the way people should conduct themselves,” Shah says. Organizations will need to “position themselves to be able to build trust networks where they can share that information and be confident that it’s being used for good things and used in responsible ways.”

Jump to Page

Privacy Preference Center

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.