Mobile app developers are asking a U.S. agency to clarify its rules for protecting patient health information to reflect the fast-evolving technology, recode is reporting.
A consortium of companies including CareSync, AirStrip and AngelMD, sent a letter to Pennsylvania Republican Rep. Tom Marino, to express their frustration at the lack of developer-friendly online resources about HIPAA.
The developers are arguing that the government isn’t doing enough to make this a leveled playing field, with larger companies committing serious resources to hire lawyers and consultants that deal with HIPAA compliance.
Regulators “have not kept pace with the rapid growth of technology that gives users greater access to health-care providers and more control over their health information,” the letter said.
Regulators have not kept pace with the rapid growth of technology that gives users greater access to health-care providers and more control over their health information.Morgan Reed, executive director of the 5,000-member-strong App Association said that startups and large tech companies alike are seeking clarity on how sensitive health data can be stored and shared.
For instance, developers asked that the government to provide better guidance about how health data can be stored in the cloud. These and other questions, the group argues, should be presented in an easy-to-grasp manner on some FAQ page. Moreover, they say that the Department of Health and Human Services should increase its participation in mobile health events.
With the increasing money entering the healthcare space, chances are the government will be pushed to respond promptly, update its site and make it easier for startups to “do their thing.” We’ll let you know when that happens…
UPDATE: According to VentureBeat, Reps. Tom Marino (R-Pennsylvania) and Peter DeFazio (D-Oregon) reacted after working closely with a software industry group. The two have sent a letter to Health and Human Services Secretary Sylvia Mathews Burwell asking that the government work more closely with app developers to stay within health data privacy laws.
Documentation on the Health and Human Services (“HHS”) website outlining technical compliance with HIPAA (Health Insurance Portability and Accountability Act) has not been updated since 2006, years before an app store existed, much less the modern mobile device.
Many companies creating mobile health apps have told us that they want to fully comply with HIPAA regulations but have difficulty confirming that they have done so because current regulatory guidance does not cover technologies that they are using.
In some cases, small technology companies have reported having to hire large legal teams just to determine with some level of certainty that their product is in compliance with HIPAA. In order to ensure that innovative health companies do not inadvertently run afoul of the law, regulatory guidance should be routinely updated to reflect modern technologies being used in the health field…
We would like HHS to assign employees with technological expertise to regularly engage with companies in the emergent healthcare technology space. These employees should be prepared to work with app developers and others to make sure that products incorporate HIPAA protections beginning at the early stages of product development.
Sounds like a move in right direction; let’s hope that HHS will be swift to respond, helping this emerging economy continue to prosper.