BusinessPolicy & Law

HIPAA for Web and Mobile Developers and Designers

1 Mins read

Datamap HIPAAI spoke at the HxRefactored conference in Brooklyn last week.

Datamap HIPAAI spoke at the HxRefactored conference in Brooklyn last week. The title of my talk was Dancing with HIPAA and it was intended as an introduction to health care data privacy and security regulations, practical concerns and — most important — practical solutions to privacy and security issues whether subject to HIPAA or not. Many issues for this audience will be triggered by data not gleaned from a health record maintained by a health care provider or payor. Instead, such data may be released by an individual (and therefore no longer covered by HIPAA) and mashed up with data feeds from personal trackers and manually inputted data, put through a health behavior modification recommendation engine, and — voila! — behavior change recommendations are delivered to an individual. In this context, the health data is being held in a special-purpose PHR, not an EHR, so HIPAA rules don’t apply and therefore OCR enforcement should not be of concern — though the FTC breach notification rules apply and, as we know, the FTC asserts broad parallel jurisdiction to enforce HIPAA as well.

Here are my slides:


Embedded in the presentation is a fascinating web page posted by the Data Map at Harvard. (Shout out and thank you to Latanya Sweeney, on leave from Harvard to serve at CTO of the FTC. Hat tip to Jane Sarasohn-Kahn for tweeting a link last week.) A screen shot from this site is used at the top of this post. Digging deeper through this resource is a fascinating and rewarding exercise. It describes itself as

an online portal for documenting flows of personal data. It tells you where your data goes. The goal is to produce a detailed description of personal data flows in the United States. The effort started with health data and is expanding to other kinds of personal data.

Check it out.

Related posts
Policy & Law

Understanding Medical Malpractice and Negligence

4 Mins read
Medical malpractice and negligence are complex areas of the law, and they’re things that medical professionals and patients alike need to have…

4 Things You Need To Know Before Launching A Health Restaurant

4 Mins read
Health restaurants are rapidly gaining popularity across the globe, with customers becoming more and more body-conscious. With global obesity reaching a record…
Policy & Law

Common Defenses a Personal Trainer Can Raise Against You in a Lawsuit

3 Mins read
Training in a gym comes with several risks. You can suffer life-threatening injuries that require a lot of money to treat. The…