Protecting Privacy and Building Trust as Mobile and Online Health Evolve
Co-authored by Lygeia Ricciardi, Office of the National Coordinator for Health IT
As we know from numerous polls and studies, the privacy of personal health information is one of the policy issues the public cares about most as health care goes digital. Laws and regulations such as HIPAA and HITECH provide some parameters for privacy guidance in this changing environment, and as health information technology evolves, additional initiatives can build on and complement those protections.
The Office of the National Coordinator (ONC), primarily through its Office of the Chief Privacy Officer, is working to understand and provide tools for addressing privacy and security issues related to mobile and online health through several initiatives, described below. In addition, in partnership with the Office of Civil Rights (OCR), ONC is helping to inform the public about privacy and security within the context of the benefits of health information technology and its potential impact on individual patients and consumers (see Patients & Families website).
Current Privacy Initiatives at ONC include:
- Mobile Devices Roundtable: Safeguarding Health Information: A March 16, 2012 roundtable to inform the development of clinician “good practices” regarding securing health information on mobile devices.
- mHealth Privacy and Security Consumer Research: Ongoing focus group research to explore the attitudes and preferences of consumers with respect to health-related information and mobile devices.
- Survey on Privacy, Security of Medical Records: An annual public survey looking at preferences related to the privacy and security of electronic health records and health information exchange, exploring, among other key measures, the percentage of people who report having kept any part of their medical history from their doctor due to privacy concerns. Results will be posted online.
- Model Privacy Notice for Consumers for Personal Health Records: An online tool that help consumers assess and compare the privacy practices of individual personal health records (PHRs) through a simple table, filled out by PHR providers, describing how they use and protect health information.