Last month, two Members of Congress wrote to Secretary Burwell of the U.S. Department of Health and Human Services, urging the agency to adopt new guidance on HIPAA compliance for mobile devices.

In their letter, Representatives Tom Marino (R-PA) and Peter DeFazio (D-OR) note that much of HHS’s current guidance predates the proliferation of mobile device apps, and that this guidance does not easily relate to the unique issues presented by this technology.  Thus, companies that develop mobile device technology are uncertain about whether their products comply with HIPAA, and if not, how to bring them into compliance.  The letter also notes that companies often must retain large legal teams to help navigate these complex issues.

Specifically, Congressman Marino and DeFazio ask that the Office for Civil Rights (OCR), the agency at HHS charged with enforcing HIPAA, take several steps including (1) update existing guidance to keep pace with advances in technology, (2) identify implementation standards to help companies come into compliance, (3) provide clarity on storage of encrypted health data on the cloud, and (4) provide compliance assistance, including by making available HHS employees with technological expertise to interface with companies developing mobile technologies.

It remains to be seen whether HHS will respond to the Members’ requests, and if so, how timely.  Updating guidance and regulations that were written before the current mobile technology and internet landscape has been a consistent concern for entrepreneurs and companies creating emergent technologies.  Nevertheless, given that HHS is expected to step up HIPAA enforcement, compliance with federal health privacy law will become even more important.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Covington Digital Health Team

Stakeholders across the healthcare, technology and communications industries seek to harness the power of data and information technology to improve the effectiveness and efficiency of their products, solutions and services, create new and cutting-edge innovations, and achieve better outcomes for patients. Partnering with…

Stakeholders across the healthcare, technology and communications industries seek to harness the power of data and information technology to improve the effectiveness and efficiency of their products, solutions and services, create new and cutting-edge innovations, and achieve better outcomes for patients. Partnering with lawyers who understand how the regulatory, IP, and commercial pieces of the digital health puzzle fit together is essential. Covington offers unsurpassed breadth and depth of expertise and experience concerning the legal, regulatory, and policy issues that affect digital health products and services. To learn more, click here.