Lawsuits for HIPAA Violations and Beyond: A Journey Down the Rabbit Hole

Daniel J. Solove by Daniel Solove, TeachPrivacy
Monday, November 17, 2014

At first blush, it seems impossible for a person to sue for a HIPAA violation. HIPAA lacks a private cause of action. So do many other privacy and data security laws, such as FERPA, the FTC Act, the Gramm-Leach-Bliley Act, among others. That means that these laws don’t provide people with a way to sue when their rights under these laws are violated. Instead, these laws are enforced by agencies. But wait! Stop the presses! A recent decision by the Connecticut Supreme Court has concluded that people really can sue for HIPAA violations. As I will explain later, this is not a radical conclusion ... though the implications of this conclusion could be quite radical and extend far beyond HIPAA.

The Brave New World of HIPAA Enforcement (Part 4)

Daniel J. Solove by Daniel Solove, TeachPrivacy
Monday, October 20, 2014

The Health Insurance Portability and Accountability Act (HIPAA) regulations govern health information maintained by various entities covered by HIPAA (“covered entities”) and other organizations that receive health information from covered entities when performing functions for them. HIPAA is enforced by the Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS).

Restoring Privacy in the Era of Big Data

Kris Alman, Student Privacy Matters,  Sunday, October 19, 2014

A parallel explosion of big data since 2001 is not coincidental. Big data utopians proclaim better integration of fragmented health and education sectors and data analysis will improve outcomes and improve value. The question never seems to be asked, “For whom?”

Even HIPAA not quelling lingering cloud concerns

Anthony Brino, GovernmentHealthIT,  Monday, September 08, 2014

These days, it seems, data breaches and hacking are regular news in health — and across industries. The fear of breaches, subsequent fines and reputation loss are among the reasons why some healthcare technology leaders have been hesitant to embrace cloud-based technology writ large. They need not fear, but should be informed, but such fear is certainly understandable.

Baidu's Health Cloud Aims To Be The App Store For Distance Health Management

Eric Mu, Forbes,  Friday, July 25, 2014

Baidu, a Chinese Internet company that often compared with Google, just announced its entry into the health management industry through the launch of Jiankangyun. The company had kept its lips so tight that the plan must come as a bombshell to many.

Medable promises an easy way to make health apps comply with health data laws

Mark Sullivan, VB News,  Monday, July 14, 2014

Many health-related apps and devices will be hitting the market in the next year or two. And the data that these apps and devices collect could help your doctor provide a more holistic picture of your health. But, as I wrote a few weeks ago, when that health data crosses the line from consumer health cloud into the healthcare delivery system, HIPAA privacy rules will come into play.

Big Data, My Data

Jane Sarasohn-Kahn, iHealth Beat,  Tuesday, June 17, 2014

Is this abundance of data a treasure trove for improving patient care and growing knowledge about effective treatments? Is that data trove a Pandora's black box that can be mined by obscure third parties to benefit for-profit companies without rewarding those whose data are said to be the new currency of the economy? That is, patients themselves?

Exclusive: Google Wants To Collect Your Health Data With 'Google Fit'

Parmy Olson, forbes,  Thursday, June 12, 2014

Such a service would mark a direct challenge to Apple HealthKit framework, launched last week and rolling out with its new mobile platform iOS 8 this fall to aggregate data from wearable devices and apps. Last month Samsung also unveiled Sami, a biometric data platform that collects health information from devices and apps too.

ONC interoperability roadmap cites privacy, security needs

Patrick Ouellette, HealthIT Security,  Monday, June 09, 2014

The Office of the National Coordinator for Health Information Technology (ONC) recently revealed some of its core plans for healthcare IT interoperability in a new report, “Connecting Health and Care for the Nation: A Ten Year Vision to Achieve Interoperable Health IT Infrastructure.”

Mitigating common healthcare cloud IT security issues

Sai Ramanan, HealthIT Security,  Friday, June 06, 2014

Cyber security threats in the healthcare industry are continually on the rise and the value of an identity data set is about $50 per patient record. So what can healthcare providers do to avoid these attacks?