This statement discusses a 72-hour "statutory waiver" of 5 basic HIPAA rights (including the right to confidential communications). The waiver is triggered by the Secretary of HHS and applies for a 72-hour period beginning upon implementation of a hospital disaster protocol. This statement discusses this waiver, what it is, what is means, who is impacted, and our recommendations.
Executive Director Pam Dixon gave a one hour webinar 4 May 2020 on global contact tracing apps and technology focusing on case studies in the US, UK, India, South Korea, Singapore, Australia, and other jurisdictions. Recommendations and lessons learned are included, as well as audience questions. Event: Festival of Identity ...
In response to the COVID-19 (coronavirus) pandemic, the U.S. Department of Health and Human Services announced a HIPAA waiver April 9, 2020 regarding Community Based Testing Sites, which waives enforcement of all HIPAA privacy and security protections and data breach rules from some health care activities affecting COVID-19 testing. This statement from WPF includes the following information: -What are the changes the Community Based Testing Sites HIPAA waiver creates? -What are the privacy concerns? -WPF recommendations to correct the privacy problems in the Community Based Testing Sites HIPAA waiver -Background on HIPAA waivers and a list of all current waivers in force
In response to the COVID-19 (coronavirus) pandemic, the U.S. Department of Health and Human Services announced a HIPAA waiver April 2, 2020 regarding Business Associates. The April 2 waiver is consequential and poses significant privacy challenges. This statement from WPF includes the following information: -What are the changes to HIPAA the April 2 waiver creates? -What are the privacy concerns? -WPF recommendations to correct the problems in the April 2, 2020 waiver
This FAQ provides responses to the most frequently asked questions about coronavirus and privacy, especially COVID-19 testing, records, and health privacy for people in, or visiting, the U.S.
In response to the COVID-19 (coronavirus) pandemic, the U.S. Department of Health and Human Services announced some changes in HIPAA practices. This statement from WPF includes the following information: -What are the changes to HIPAA during the COVID-19 emergency? -What are the privacy concerns? -WPF recommendations to ensure patient privacy is protected
WPF is urging the National Institutes of Health to do more to properly advise the research community and to protect data subjects in its draft guidance on data management and sharing. WPF is asking for changes to the NIH guidance because in the US, much health research data in the hands of researchers is not subject to the privacy or security rules in HIPAA.
WPF Executive Director Pam Dixon will testify before the full committee of the National Committee on Vital and Health Statistics (NCVHS) regarding emerging privacy concerns in the healthcare environment, including the role of artificial intelligence, patient authorizations, and automated access to patient health information. The NCVHS is the statutory [42 ...
The Office of Civil Rights in the US Department of Health and Human Services has taken its first enforcement action under the HIPAA right of patient access to health records. HHS announced that it fined a health care provider $85,000 for failing to provide health care records to a patient ...
A PATIENTS’ GUIDE TO HIPAA: NEW E-BOOK + COMPLETE UPDATE For immediate release 5 March 2019 Oregon : World Privacy Forum’s classic and highly popular health privacy resource for consumers, A Patient’s Guide to HIPAA, has been given a complete end-to-end update and is now also available as an ebook. ...
WPF has written to the US Department of Health and Human Services advising them on their Request for Information (RFI) about possible changes to HIPAA privacy and security protections. The RFI has a number of suggestions that, should they become part of a formal proposal, would significantly weaken HIPAA privacy protections.
We have updated our medical data breach map to bring it current to January 2019. This interactive map displays the location of each medical data breach recorded at the US Department of Health and Human Services from 2009-2018. To get the most from the map, you can view breaches by year, by region, and in a simple text list.
A Baltimore mom was surprised and unhappy recently when her son came home from school missing three teeth. The source? A mobile dental clinic at a Baltimore city public school had extracted some of her son’s teeth that day. The mother didn’t realize it, but she had already consented to the dental work through signing a permission slip/release form.
At Biometrics 2016 in London, I gave a keynote presentation on the state of biometrics policy and privacy, with suggestions for further work. Several aspects of that presentation have garnered follow-up requests, including requests for more information about my discussion of the "Fishbone Model" of biometric template security, a model ...
This interactive map displays the location of each medical data breach recorded at the US Department of Health and Human Services from 2009-2016. To get the most from the map, you can view breaches by year, by region, and in a text list.
This coming Thursday, WPF Executive Director Pam Dixon will give a keynote speech on health privacy and security, "The New Healthcare Fraud Continuum." Based on her latest research in health privacy, this talk will be Dixon's first talk about the new fraud continuum, what it is, how it operates, what ...
The World Privacy Forum commented on an important proposal to make changes to the existing rules regarding the confidentiality of alcohol and drug abuse patient records. The proposal is from the Substance Abuse and Mental Health Services Administration (SAMHSA), part of the US Department of Health and Human Services. These ...
Update for March 3, 2016: This week a judge has ordered that the approximately 10 million records of California students held by the California Department of Education will not be turned entirely over to a group of community nonprofits in the Morgan Hill case. Instead, the judge ordered that several ...
The World Privacy Forum has filed extensive comments on the proposed changes to how the Genetic Information Nondiscrimination Act will be interpreted. Our comments focus on how the proposal will impact wellness program privacy, as well as family and spousal privacy. In our comments, we discuss our concerns with a variety of aspects of wellness program privacy, including the fact that much data from wellness programs falls outside of HIPAA protections. We also have strongly urged the EEOC to not allow employers to purchase genetic information about employees from third parties without consent, among other items related to this issue.
The World Privacy Forum filed comments to the US Department of Education regarding its student health privacy guidance published August 18, 2015. The World Privacy Forum supports the DoE guidance, which clarifies how universities and colleges are to handle sensitive student medical records in cases of non-medical litigation. The guidance ...
WPF Executive Director Pam Dixon will be presenting a two hour technology and privacy training at the National Network to End Domestic Violence Tech Summit. The training will be geared to professionals who work with survivors of domestic violence, stalking, and related issues. The workshop will cover the key emerging ...
This WPF video shows how current biosensors look and operate when they are in pill form. The pill sensors highlighted in this video are designed to be swallowed so they can then detect and report on a person’s body temperature to devices such as smart phones. This video is part of WPF's High Tech Health series.
The World Privacy Forum filed comments with the Equal Employment Opportunity Commission about wellness programs and related privacy impacts to individuals. Many Americans now take part in employer wellness programs, and they are increasingly and justifiably concerned about the sensitive information these programs are gathering, sometimes in return for incentives such as discounts on pricing for health insurance. These comments to the EEOC address some of the most significant challenges individuals face, including voluntariness, fairness, due process, and information sharing outside of HIPAA.
FOR IMMEDIATE RELEASE June 15, 2015 San Diego — Pam Dixon, Executive Director of the World Privacy Forum, has been named to an OECD Advisory Group that will help guide the development of the draft OECD Council recommendations on privacy-protective approaches for the use of health data. This work will ...
The Healthy Cities Project in China is one where mobile devices, mobile health mini-hubs, and sensors are the key way that patients, doctors, government, and enterprises can input, monitor, and access vital health statistics and other information in the cloud. Twenty million people already use this system. Healthy Cities is important for study, because it is a fully established infrastructure in those cities in China where it has been deployed. In the US, the Healthy Cities project is being studied by academics to see how it could be replicated in the US marketplace.
