HealthBlawg

David Harlow's Health Care Law Blog

    • Twitter
    • Facebook
    • LinkedIn
    • RSS
    • Email
  • About
  • Archives
  • Podcast
  • Press
  • Awards/Reviews
  • HIPAA
  • HCSM

Hacking HIPAA

June 24, 2013

Join me in attacking an endemic problem in health care today by Hacking HIPAA. I am crowdfunding the development of a new legal form to be used on and after September 23, 2013 to allow patients to opt-in to easier health care communications – a Common Notice of Privacy Practices that is patient-focused. (Text me, please! Email me, please! etc.) Depending on how much support this project garners, we can attack some related problems as well. Contributions at any level are welcome; contributions at the levels designated on the Hacking HIPAA Medstartr page get you a seat at the virtual table, voicing your concerns that need to be met in the CNPP and in follow-on projects.

I’m working on this project with two leading health care open source software developers, Ian Eslick and Fred Trotter. Check out Fred’s video intro to the project on the Medstartr page – you can find Ian and Fred online via the links on the project page, too.

Here’s an excerpt from the crowdfunding project page:

The Problem

Right now we have the worst of all worlds with regards to patient privacy in healthcare. Patients are frequently subject to sub-standard security and privacy practices AND healthcare innovators are unable to deliver solutions that would be useful to patients because their technical approaches are uncomfortably novel for health care bureaucrats. Patients end up getting poor security and no innovation, the worst of all options. This problem is going to get worse before it gets better, since the new Omnibus HIPAA Rule will make cloud hosting of health care projects untenable very soon.  

How to Solve it

We need a way to provide meaningful privacy choices to patients, while enabling technical innovators to offer services using modern technical infrastructures. In order to do that, we need to hack the document that dictates the core relationship between patients, clinicians and innovators. That document is the Notice of Privacy Practices (“NPP”) that patients sign when they first start engaging with a particular provider.

Our Project to Deliver a Solution

The goal of this project is to fund the creation of a universally accepted NPP for health care providers to share with patients — one that recognizes current realities of data storage and transfer, explains these realities to patients, and obtains their consent to use, transmit and store data in a private and secure manner using cloud storage and computing, secure email, email, two-way video systems and text messaging. These are all standard technology approaches that patients use to work with their own health care data every day. But regulatory compliance makes it difficult to work connect with their doctors using these technologies. HIPAA and the HITECH Act — the Federal health data privacy and security laws — govern the use, transmission and storage of personally identifiable health data, and define the parameters for the NPP. However, there is no standard form NPP in use. This means that technologists have to adapt to a plethora of scenarios created by multiple NPPs, none of which is drafted with technical requirements in mind. The law of unintended consequences yields problems for patients and providers as a result of this technology blind spot.

The CNPP will be delivered to project supporters at the $100 level or above before the Omnibus HIPAA Rule compliance date (September 23). It will be made available under a Creative Commons license on or about November 1, 2013.

I encourage you to read the rest of the Hacking HIPAA project description, and to support this project.

Any comments or questions – Please use the commens section on the project page.

Finally, please share this post liberally with anyone who may be interested in this issue and may be interested in supporting our efforts to Hack HIPAA.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting 

Filed Under: Health care policy, Health Law, Health Reform, HIPAA, HIT, Hospitals, Open Data, Participatory Medicine, Physicians, Privacy, Security Tagged With: Expired

you might also like:

  1. OCR and ONC release model NPPs

  2. HIPAA Omnibus Final Rule – What’s in it for Patients?

  3. HIPAA confusion and solutions

« Alternative Quality Contract with Blue Cross Blue Shield of Massachusetts: A model for ACOs?
Viridian Health CEO Brenda Schmidt talks multi-modal disease management with DI »

Follow me on Twitter

David Harlow 💉😷 Follow 42,910 17,570

Mastodon @healthblawg@c.im #HealthCare #MedDevice #Compliance #Privacy @MyOmnipod #HIPAA #digitalhealth #HarlowOnHC #pinksocks Tweets are tweets No more no less

healthblawg
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
6h 1620535759902998528

The Harlow #Healthcare #Innovation Daily #digitalhealth #hcldr #HarlowOnHC #digitalhealth #healthtech

Image for twitter card

Google Research and DeepMind develop AI medical chatbot

digitalhealth.net A new AI-powered medical-specific chatbot developed by Google and DeepMind has shown some potential for clinical applications.

paper.li

Reply on Twitter 1620535759902998528 Retweet on Twitter 1620535759902998528 0 Like on Twitter 1620535759902998528 0 Twitter 1620535759902998528
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
7h 1620524933863378944

ICYMI> Paul Schrimpf, at Prophet Consulting, Driving Health Care Transformation — Harlow on Healthcare https://healthblawg.com/2022/12/paul-schrimpf-prophet-consulting.html?utm_source=twitter&utm_medium=social&utm_campaign=ReviveOldPost #digitalhealth #hcldr #hitsm

Image for the Tweet beginning: ICYMI>  Paul Schrimpf, at Twitter feed image.
Reply on Twitter 1620524933863378944 Retweet on Twitter 1620524933863378944 0 Like on Twitter 1620524933863378944 0 Twitter 1620524933863378944
healthblawg avatar; David Harlow 💉😷 @healthblawg ·
12h 1620445622955278337

Moonshots — StartUp Health https://paper.li/healthblawg/1369855999?read=https%3A%2F%2Fwww.startuphealth.com%2Fmoonshots #hcldr

Reply on Twitter 1620445622955278337 Retweet on Twitter 1620445622955278337 0 Like on Twitter 1620445622955278337 0 Twitter 1620445622955278337
Load More
Follow me on Mastodon

HIPAAtools

Hipaatools

The HIPAA Compliance Toolkit

The Walking Gallery

The Walking Gallery

Quick Links

  • Home
  • Categories
  • Archives
  • Podcast Interviews
  • HIPAAtools
  • HIPAA Compliance
  • Health Care Social Media
  • Speaking
  • In the Press
  • Blogroll

David Harlow

David Harlow

HealthcareNOW Radio

Connect with David

  • Twitter
  • Facebook
  • LinkedIn
  • RSS
  • Email
  • Subscribe
  • Contact
  • Book Me: Speaking
  • About
  • The Harlow Group LLC
Copyright © 2006–2023
HealthBlawg is a publication of The Harlow Group LLC. See Copyright notice and disclaimer.
Fair use with attribution and a link is encouraged. Click for more on David Harlow.
[footer_backtotop text="Back to top" href="#"]