HealthBlawg

David Harlow's Health Care Law Blog

    • Twitter
    • Facebook
    • LinkedIn
    • RSS
    • Email
  • About
  • Archives
  • Podcast
  • Press
  • Awards/Reviews
  • HIPAA
  • HCSM

Hacking HIPAA

June 24, 2013

Join me in attacking an endemic problem in health care today by Hacking HIPAA. I am crowdfunding the development of a new legal form to be used on and after September 23, 2013 to allow patients to opt-in to easier health care communications – a Common Notice of Privacy Practices that is patient-focused. (Text me, please! Email me, please! etc.) Depending on how much support this project garners, we can attack some related problems as well. Contributions at any level are welcome; contributions at the levels designated on the Hacking HIPAA Medstartr page get you a seat at the virtual table, voicing your concerns that need to be met in the CNPP and in follow-on projects.

I’m working on this project with two leading health care open source software developers, Ian Eslick and Fred Trotter. Check out Fred’s video intro to the project on the Medstartr page – you can find Ian and Fred online via the links on the project page, too.

Here’s an excerpt from the crowdfunding project page:

The Problem

Right now we have the worst of all worlds with regards to patient privacy in healthcare. Patients are frequently subject to sub-standard security and privacy practices AND healthcare innovators are unable to deliver solutions that would be useful to patients because their technical approaches are uncomfortably novel for health care bureaucrats. Patients end up getting poor security and no innovation, the worst of all options. This problem is going to get worse before it gets better, since the new Omnibus HIPAA Rule will make cloud hosting of health care projects untenable very soon.  

How to Solve it

We need a way to provide meaningful privacy choices to patients, while enabling technical innovators to offer services using modern technical infrastructures. In order to do that, we need to hack the document that dictates the core relationship between patients, clinicians and innovators. That document is the Notice of Privacy Practices (“NPP”) that patients sign when they first start engaging with a particular provider.

Our Project to Deliver a Solution

The goal of this project is to fund the creation of a universally accepted NPP for health care providers to share with patients — one that recognizes current realities of data storage and transfer, explains these realities to patients, and obtains their consent to use, transmit and store data in a private and secure manner using cloud storage and computing, secure email, email, two-way video systems and text messaging. These are all standard technology approaches that patients use to work with their own health care data every day. But regulatory compliance makes it difficult to work connect with their doctors using these technologies. HIPAA and the HITECH Act — the Federal health data privacy and security laws — govern the use, transmission and storage of personally identifiable health data, and define the parameters for the NPP. However, there is no standard form NPP in use. This means that technologists have to adapt to a plethora of scenarios created by multiple NPPs, none of which is drafted with technical requirements in mind. The law of unintended consequences yields problems for patients and providers as a result of this technology blind spot.

The CNPP will be delivered to project supporters at the $100 level or above before the Omnibus HIPAA Rule compliance date (September 23). It will be made available under a Creative Commons license on or about November 1, 2013.

I encourage you to read the rest of the Hacking HIPAA project description, and to support this project.

Any comments or questions – Please use the commens section on the project page.

Finally, please share this post liberally with anyone who may be interested in this issue and may be interested in supporting our efforts to Hack HIPAA.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting 

Filed Under: Health care policy, Health Law, Health Reform, HIPAA, HIT, Hospitals, Open Data, Participatory Medicine, Physicians, Privacy, Security Tagged With: Expired

you might also like:

  1. OCR and ONC release model NPPs

  2. HIPAA Omnibus Final Rule – What’s in it for Patients?

  3. HIPAA confusion and solutions

« Alternative Quality Contract with Blue Cross Blue Shield of Massachusetts: A model for ACOs?
Viridian Health CEO Brenda Schmidt talks multi-modal disease management with DI »

Follow me on Twitter

David Harlow 💉😷 Follow 43,525 17,452

Mastodon @healthblawg@c.im #HealthCare #MedDevice #Compliance #Privacy @MyOmnipod #HIPAA #digitalhealth #HarlowOnHC #pinksocks Tweets are tweets No more no less

healthblawg
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
10h 1666487986899369990

ICYMI> Oron Afek, CEO of Vim, Enabling Value-Based Care — Harlow on Healthcare https://healthblawg.com/2021/12/oron-afek-vim.html?utm_source=twitter&utm_medium=social&utm_campaign=ReviveOldPost #digitalhealth #hcldr #HITsm

Image for the Tweet beginning: ICYMI>  Oron Afek, CEO Twitter feed image.
Reply on Twitter 1666487986899369990 Retweet on Twitter 1666487986899369990 0 Like on Twitter 1666487986899369990 0 Twitter 1666487986899369990
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
17h 1666382102542123009

ICYMI> Next-level Home Health Care: Ashish Shah, CEO of Dina — Harlow On Healthcare https://healthblawg.com/2022/06/ashish-shah-ceo-dina.html?utm_source=twitter&utm_medium=social&utm_campaign=ReviveOldPost #digitalhealth #hcldr #HITsm

Image for the Tweet beginning: ICYMI>  Next-level Home Health Twitter feed image.
Reply on Twitter 1666382102542123009 Retweet on Twitter 1666382102542123009 0 Like on Twitter 1666382102542123009 0 Twitter 1666382102542123009
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
7 Jun 1666276384795181056

ICYMI> Natalie Davis, CEO of United States of Care — Harlow on Healthcare https://healthblawg.com/2022/11/natalie-davis-usofcare.html?utm_source=twitter&utm_medium=social&utm_campaign=ReviveOldPost #digitalhealth #hcldr #HITsm

Image for the Tweet beginning: ICYMI>  Natalie Davis, CEO Twitter feed image.
Reply on Twitter 1666276384795181056 Retweet on Twitter 1666276384795181056 0 Like on Twitter 1666276384795181056 0 Twitter 1666276384795181056
Load More
Follow me on Mastodon

HIPAAtools

Hipaatools

The HIPAA Compliance Toolkit

The Walking Gallery

The Walking Gallery

Quick Links

  • Home
  • Categories
  • Archives
  • Podcast Interviews
  • HIPAAtools
  • HIPAA Compliance
  • Health Care Social Media
  • Speaking
  • In the Press
  • Blogroll

David Harlow

David Harlow

HealthcareNOW Radio

Connect with David

  • Twitter
  • Facebook
  • LinkedIn
  • RSS
  • Email
  • Subscribe
  • Contact
  • Book Me: Speaking
  • About
  • The Harlow Group LLC
Copyright © 2006–2023
HealthBlawg is a publication of The Harlow Group LLC. See Copyright notice and disclaimer.
Fair use with attribution and a link is encouraged. Click for more on David Harlow.
[footer_backtotop text="Back to top" href="#"]