HIPAA Privacy Technology Legislation

Recently, Republican Senator Bill Cassidy and Democratic Senator Tammy Baldwin introduced legislation known as the Health Data Use and Privacy Commission Act. The legislation’s main aim is to update what these Senators view as an “outdated” HIPAA law. When HIPAA was signed into law in 1996, most covered entities were in the telegraph age when it came to using electronic technology to use and disclose medical records. 

These days of 25 years ago were the days of paper charts and documentation, phone communications, and old-fashioned faxes. In the intervening 25 years, HIPAA has not changed, but the world around it has. Today, protected health information is used, disclosed, and accessed by health apps such as FitBit, CommonHealth, and Sleep Cycle. The legislation seeks to bring these entities into the HIPAA fold by designating them as covered entities, thus subjecting them to HIPAA’s regulatory scheme. Additional details of the new HIPAA privacy technology legislation are discussed below.

New HIPAA Privacy Technology Legislation: Deja Vu All Over Again

Congress has attempted to pass new HIPAA privacy technology legislation for at least a decade. Some of the legislation failed to garner bipartisan support. Events beyond the control of Congress have thwarted still other legislative proposals. In 2019, several proposals to “modernize” HIPAA were made. When COVID-19 reached our shores, the momentum needed to pass the new HIPAA privacy and security technology legislation fizzled. 

Do you have an effective HIPAA compliance program? Find out now by completing the HIPAA compliance checklist.

New HIPAA Privacy Technology Legislation: There is a Doctor in the Building

The Health Data Use and Privacy Commission Act (HDUPC) is notable for being introduced by an actual medical doctor. Senator Cassidy is also Bill Cassidy, M.D. As a doctor, he has expressed concern that if HIPAA is not updated to reflect reality, the security of patient data will be put at risk. Senator Baldwin sits on the Subcommittee on Labor, Health and Human Services, Education, and Related Agencies and has a particular interest in health information security. 

Let’s Simplify Compliance

Do you need help with HIPAA? Compliancy Group can help!

Learn More!
HIPAA Seal of Compliance

New HIPAA Privacy Technology Legislation: Nuts and Bolts of the Law

The legislation calls for the creation of a commission to focus on health information security. As the introduction to the legislation notes, this focus is sorely needed: An increasing number of people of the United States are using consumer health technologies, including wearable technology. Today, roughly 20 percent of people in the United States report using such technology, which generates and stores data about their personal health and well-being. 

This commission, to bring consumer health technologies into the state and federal regulatory sweep, would review existing security measures for protected health information (PHI) and electronic protected health information (ePHI) at the state and federal government levels while also evaluating the methods used by providers, consumer electronics companies, insurance companies, financial services companies, and other industry sectors, to collect such information.

After this evaluation, the committee would determine the potential threats to health privacy and when health information sharing is beneficial to consumers. From there, the commission would recommend new HIPAA privacy technology legislative measures to