Healthcare technologies are rapidly evolving, producing new data types and innovative data uses. Data and technology can bring significant enhancements to the healthcare system, deepen patients’ and consumers’ engagement and understanding about their health, and be used as part of initiatives meant to improve health outcomes. It is critical to analyze how sensitive health and wellness data affect individual privacy and understand what it means for doctors, researchers, and companies to responsibly use such data. The FPF health team continues to build on its prior work on Consumer Wearables and Wellness Apps and Devices and Privacy Best Practices for Consumer Genetic Testing Services by exploring and addressing issues at the forefront and intersection of health, data, and privacy. Of main focus are the privacy challenges related to the collection, use, and sharing of both medical data and data that falls outside of the scope of HIPAA and FDA regulations. FPF brings together stakeholders to analyze how new technologies and data practices in the health ecosystem can impact individual privacy and promote the more effective and ethical use of data.
Reproductive Rights Have Been Privacy Rights For 50 Years
About fifty years ago, the U.S. Supreme Court decided a case that would provide the basis for federal privacy protections for reproductive health decisions. The importance of protecting reproductive information and choice, particularly where abortion was concerned, was the basis for Roe v. Wade (1973) and Planned Parenthood v. Casey (1992), which provided women and […]
The DNA of Genetic Privacy Legislation: Montana, Tennessee, Texas, and Virginia Enter 2024 with New Genetic Privacy Laws Incorporating FPF’s Best Practices
In 2023, four states enacted new genetic privacy laws regulating direct-to-consumer genetic testing companies. This blog post provides details on what these new laws cover and how they compare to FPF’s widely-adopted Best Practices for Consumer Genetic Testing Services. Genetic privacy has been under increasing scrutiny at the state and federal levels, and regulators are […]
FPF Health & Wellness: Mapping the 2024 Health Privacy Landscape, A 2023 Retrospective
In 2024, health and wellness-focused companies are increasingly integrating AI to streamline their services–with the expansion of AI-enabled digital health, the universe of potential health inferences will also expand, triggering new concerns about patient and consumer privacy. At this intersection of reproductive health privacy and AI concerns, state legislators and federal regulators appear poised to […]
Regu(AI)ting Health: Lessons for Navigating the Complex Code of AI and Healthcare Regulations
Authors: Stephanie Wong, Amber Ezzell, & Felicity Slater As an increasing number of organizations utilize artificial intelligence (“AI”) in their patient-facing services, health organizations are seizing the opportunity to take advantage of the new wave of AI-powered tools. Policymakers, from United States (“U.S.”) government agencies to the White House, have taken heed of this trend, […]
Regu(AI)ting Health: Lessons for Navigating the Complex Code of AI and Healthcare Regulations
Authors: Stephanie Wong, Amber Ezzell, & Felicity Slater As an increasing number of organizations utilize artificial intelligence (“AI”) in their patient-facing services, health organizations are seizing the opportunity to take advantage of the new wave of AI-powered tools. Policymakers, from United States (“U.S.”) government agencies to the White House, have taken heed of this trend, […]
FPF Files Comments for the FTC Health Breach Notification Rule Addressing Specific Definitions and Clarity of Scope
On August 8th, the Future of Privacy Forum (FPF) filed comments with the U.S. Federal Trade Commission (the Commission) regarding the Notice of Proposed Rulemaking (NPRM) to clarify the scope and application of the Health Breach Notification Rule (HBNR). The HBNR was promulgated in 2009 as part of the American Recovery and Reinvestment Act as […]
FPF Files Comments with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights
On June 15, the Future of Privacy Forum (FPF) filed comments with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) regarding the Notice of Proposed Rulemaking (NPRM) on extending additional protections to reproductive health care data under the Health Insurance Portability and Accountability Act (HIPAA). One year ago last […]
(Health) Data is What (Health) Data Does in Nevada
Note: This title is inspired by Professor Daniel J. Solove’s recent essay, ‘Data Is What Data Does: Regulating Based on Harm and Risk Instead of Sensitive Data.’ On June 16, 2023, Nevada Senate Bill 370 (SB 370) was signed into law by Governor Lombardo, making Nevada the second state, after Washington, to pass broad-based consumer […]
Connecticut Shows You Can Have It All
On June 3rd, Connecticut Senate Bill 3 (SB 3), an “Act Concerning Online Privacy, Data and Safety Protections,” cleared the state legislature following unanimous votes in the House and Senate. If enacted by Governor Lamont, SB 3 will amend the Connecticut Data Privacy Act (CTDPA) to create new rights and protections for consumer health data […]
A New Paradigm for Consumer Health Data Privacy in Washington State
The Washington ‘My Health, My Data’ Act (MHMD or the Act) establishes a fundamentally new legal framework within U.S. law to regulate the collection, use, and transfer of consumer health data. Signed into law by Governor Inslee on April 27, MHMD was introduced by request of the Washington Attorney General in response to the Supreme […]