Members of the American Health Information Management Association (AHIMA) called on Congress to better serve and protect the growing population of healthcare consumers who use technology – such as social media, wearables and mobile health (mHealth) apps – to manage their health. AHIMA members met with Congressional leaders in Washington, D.C. on this issue, among others relating to the need for HIPAA modernization, during the 2019 AHIMA Advocacy Summit.
These technologies, referred to by the Office of the National Coordinator (ONC) as “non-covered entities” (NCEs), are not covered by the Health Insurance Portability and Accountability Act’s (HIPAA) individual right of access laws, meaning that an individual often times has no right to request their sensitive health information from such technologies. Rather, in many cases, whether such health information may be shared with the individual is left up to the discretion of the application itself.
To ensure this growing patient group’s information is both accessible and protected, AHIMA recommends lawmakers develop or direct the U.S. Department of Health and Human Services (HHS) to define HIPAA NCEs in law, extending HIPAA’s individual right of access to these entities. This will ensure the same uniform data access policy for individuals using health technologies.
“As technology continues to shape healthcare, the number of patients using wearables, social media and mobile apps for health purposes has skyrocketed, but this shift in how patients record data shouldn’t affect their level of protection and access,” said AHIMA CEO Wylecia Wiggs Harris, PhD, CAE. “AHIMA’s members are pushing for a solution that balances access to information, patient protection and maximizing use of technology.”
During the Summit, AHIMA advocated for three additional key issues related to patient information and the need for a modernized version of HIPAA: