All articles tagged with #hipaa
Hundreds of millions seek health guidance from AI chatbots, but consumer tools like OpenAI's ChatGPT Health aren’t medical devices and carry limited legal protections; even with enterprise versions promising HIPAA-aligned safeguards, terms can change and misinformation remains possible, so guard your diagnoses, lab results, and other private data when chatting with these tools.
Anthropic launches Claude for Healthcare, a HIPAA-ready AI toolkit that connects Claude models to medical databases (CMS Coverage Database, ICD-10, PubMed) to support providers, payers and life sciences with safer, enterprise-grade workflows from prior authorization to regulatory submissions.
A congressional investigation has revealed that major pharmacy chains in the US, including CVS, Walgreens, and Rite Aid, hand over sensitive medical records to law enforcement without requiring a warrant. Some pharmacies even share this information without consulting legal professionals. Lawmakers are calling for the Department of Health and Human Services (HHS) to revise health privacy laws to require warrants for accessing medical records. The pharmacies argue that they are not violating HIPAA regulations, but lawmakers believe that HHS should strengthen the regulations to align with privacy expectations and constitutional principles. They also urge pharmacies to follow the lead of tech companies in protecting customer privacy and to publish annual transparency reports.
A congressional investigation has revealed that major pharmacy chains in the United States, including CVS Health, Kroger, and Rite Aid, have been sharing Americans' prescription records with law enforcement and government investigators without requiring a warrant. This practice raises concerns about the privacy of medical information. While some chains have their lawyers review law enforcement requests, others allow pharmacy staff members to hand over customers' medical records in-store. The revelation comes at a time when the debate over privacy expectations is heightened due to the criminalization of abortion and reproductive health-related drugs in certain states. The investigation calls for stronger privacy protections and transparency in the handling of medical data by pharmacies.
Amazon Clinic is an intermediary between patients and healthcare providers, offering telehealth services with clinicians. However, when signing up for treatment through Amazon Clinic, patients authorize all involved parties to share their Protected Health Information (PHI) with Amazon, including contact information, demographic information, account and payment information, and complete patient files. Amazon has the right to retain, use, and disclose this information for two purposes: to set patients up with another healthcare provider if the one they used through Amazon Clinic leaves, and to facilitate services from other providers, which is unclear. Patients can revoke their authorization by faxing or mailing a written request or filling out a form.
Washington state has passed a new law, My Health, My Data, which requires companies to obtain explicit consent from users before collecting, sharing, or selling their health data. The law will come into effect in March 2024 and will apply to medical apps and sites that collect medical data. The law also gives users the right to withdraw consent at any time and have their data deleted. The law aims to protect users' health data from companies and organizations not covered under the HIPAA Privacy Rule.
The Biden administration is proposing a rule to close a loophole in medical privacy laws that allows healthcare workers to report patients to the police if they suspect them of self-managing an abortion. The proposed rule would add language to HIPAA to ban healthcare workers and insurance companies from sharing health information that would be “used to identify, investigate, sue, or prosecute someone for seeking, obtaining, providing, or facilitating lawful reproductive health care.” The move comes amid a push from advocates and after reporting from Jezebel and others explained the dangers of the privacy loophole and the chilling effect it can have on health care in a post Roe v. Wade America.
The Biden administration has proposed new health privacy protections to prevent protected health information from being used to investigate or sue people who facilitate abortions. The changes would bolster reproductive health care privacy and strengthen existing privacy rule protections under the Health Insurance Portability and Accountability Act of 1996. The proposed rule would continue to allow a regulated entity such as a health insurance company or provider to use or disclose protected health information "for permissible purposes" under the privacy rule, but not when its primary purpose is to investigate or impose liability on any person for seeking or facilitating lawful reproductive care.
The Biden administration has proposed new privacy protections to prevent women's health information from being used to investigate or sue people who obtain or facilitate abortions. The proposed rule by the US Department of Health and Human Services (HHS) aims to protect women living in states where abortion is illegal who travel out of state to have the procedure done. The rule would also protect healthcare providers, insurers, or other entities who perform or pay for abortions. The proposed rule strengthens existing privacy protections under the Health Insurance Portability and Accountability Act (HIPAA) which are binding in all states.
The Biden administration is proposing an update to the Health Insurance Portability and Accountability Act (HIPAA) to provide stronger legal protections for people who obtain abortions and their doctors. The new rule would prevent healthcare providers and insurers from sharing information with state officials for the purpose of investigating or prosecuting someone for seeking or providing a legal abortion. The move comes in response to concerns from abortion-rights advocates and Democratic lawmakers, and follows a recent Texas court ruling threatening access to the abortion pill. The proposed rule will be open for public comment for 60 days before a final rule is issued.
A new study found that 99% of US hospitals employed online data trackers in 2021 that transmitted visitors’ information to a broad network of outside parties, including major technology companies, data brokers, and private equity firms. The data captured included visits to pages on specific conditions such as depression, breast cancer, and Alzheimer’s disease. The ubiquitous use of the tracking tools may clash with the privacy expectations — if not the legal protections — that consumers take for granted as they browse online in search of medical care and information.