Health Tech, Legal

Democrats propose bill to protect privacy, data security amid growing use of pandemic-related tech

As the use of technology proliferates during the Covid-19 pandemic, concerns rise about privacy and health data security. Congressional Democrats have proposed new legislation that would protect individuals' data rights amid the public health crisis.

Technology is the linchpin of the United States’ response to the Covid-19 pandemic. But the growing use of digital solutions raises the complicated issue of ensuring individuals’ right to privacy.

Now, a group of Congressional Democrats have introduced a bill to address this concern.

The Public Health Emergency Privacy Act would set enforceable privacy and data security rights for health information amid the Covid-19 pandemic. It would ensure that data collected is strictly limited for use in public health, mandate that tech firms delete data collected once the public health emergency is over and explicitly prohibit the use of health data for discriminatory, unrelated or intrusive purposes.

Further, the bill would not allow medical information or contact tracing data to be used to prevent people from exercising their right to vote, and it would require regular reports on the impact of digital collection tools on civil rights, among other mandates.

U.S. Sens. Mark R. Warner (D-Va.), Richard Blumenthal (D-Conn.) and Reps. Anna G. Eshoo (D-Calif.), Jan Schakowsky (D-Ill.), and Suzan DelBene (D-Wash) introduced the bill. Co-signers include Democrats from the House and Senate.

The proposed bill has also been endorsed by advocacy groups like the Access Now, Electronic Privacy and Information Center and the Center for Digital Democracy.

“Our health privacy laws have not kept pace with what Americans have come to expect for their sensitive health data,” said Warner in a statement. “Absent a clear commitment from policymakers to improving our health privacy laws, as this important legislation seeks to accomplish, I fear that creeping privacy violations and discriminatory uses of health data could become the new status quo in healthcare and public health.”

Technology has been one of the most effective tools in the country’s collective arsenal against the Covid-19 pandemic. From contact tracing apps to providing digital access to vaccine records, technology is needed for nearly every aspect of the pandemic response.

But privacy and data security regulations for these technologies have remained in a grey area. The Department of Health and Human Services has said that entities covered under HIPAA are not liable for the subsequent use or disclosure of personal health information by a third-party app that a patient has agreed to give information.

Further, the HHS’ Office for Civil Rights said Jan. 19 that it will not impose penalties for violations of HIPAA “in connection with the good faith use of online or web-based scheduling applications” for making Covid-19 vaccination appointments.

These loose regulations combined with the fact that cybercriminal activity jumped in 2020 paints a concerning picture. More than half of healthcare cybersecurity professionals said that their organization experienced a phishing attack in the last year, and about 20% said their organization experienced a ransomware or other malware attack, according to a survey from the Healthcare Information and Management Systems Society.

The newly proposed bill aims to build Americans’ trust in the health technologies being used during the Covid-19 pandemic.

“The Public Health Emergency Privacy Act is a critical bill that will prohibit privacy invasions by preventing misuse of pandemic-related data for unrelated purposes like marketing, prohibiting the data from being used in discriminatory ways, and requiring data security and integrity measures,” Eshoo, one of the bill’s authors, said in a statement. “The legislation will give the American people confidence to use technologies and systems that can aid our efforts to combat the pandemic.”

Photo: metamorworks, Getty Images

 

 

 

 

 

 

 

Shares0

This article is featured in the Healthcare Docket newsletter, a partnership between Breaking Media publications MedCity News and Above the Law.

Enter your email address to subscribe.

Shares0