HIPAA

Why Employers Need to Carefully Approach Employee Healthcare Data

By Kirk J. Nahra, CIPP/US

The recent controversy about AOL CEO Tim Armstrong’s comments on employee healthcare expenses reflects ongoing confusion about the actual and appropriate rules for employers and the protections for employees concerning their health care information. As employers become more involved in the overall management of employee wellness and overall healthcare expenditures, this confusion is likely to remain. Employers need to very carefully consider their approach to employee healthcare information and how they will act effectively and intelligently in this controversial and risky area.

More from Kirk J. Nahra

Big Data

How To Solve the President’s Big Data Challenge

In his recent remarks on the NSA and surveillance, President Barack Obama grabbed the Big Data bull by the horns. We commend the president’s decision to task the Council of Advisors on Science and Technology (PCAST) to reach out to privacy experts, technologists and business leaders to examine the challenges inherent in Big Data. Government surveillance raises distinct civil liberties concerns that commercial and scientific use of Big Data does not; still, it is appropriate to address the profound impact of new technologies on Big Data business opportunities.

Big Data was all the rage in privacy circles in 2013, and now it is achieving appropriate broad policy attention. It implicates modern day dilemmas, which transcend privacy and impact a variety of delicate balancing acts at the core of free market democracy. The examination requires engagement not only by privacy professionals but also by ethicists, scientists and philosophers to address what may very well be the biggest public policy challenge of our time.

From the Regulator

Living in Interesting Times—A View from the New Zealand Privacy Office

One of the dubious delights of being a privacy regulator is the unexpected things that crop up during every working week. It doesn’t matter how I plan and prioritise work—some headline-grabbing issue or urgent demand for time and attention will come across the desk and force a rethink. It can be a challenge, but it certainly keeps the job interesting.

More from Katrine Evans

Healthcare Privacy

On Where Health IT and Privacy Meet

By K Royal, CIPP/US, CIPP/E

The Eighth Annual National Health IT Week kicks off today with the slogan, “One Voice. One Vision: Transforming Health and Care.” This honorary week has been created by the Healthcare Information and Management Systems Society (HIMSS). HIMSS seems to lead efforts similar to the IAPP, even if the mission is different, and there is no doubt that our membership overlaps. HIMSS states that last year, more than 250 organizations participated in the week’s activities while also being recognized by President Obama and the U.S. Senate.

More from K Royal

From the Tool Belt

Moving Past the New HIPAA Rules

By Kirk J. Nahra, CIPP/US

Note from the Editor:

Kirk J. Nahra, CIPP/US, will further delve into the future of healthcare privacy during his break out session Next Generation Healthcare Privacy later this month at the IAPP Privacy Academy in Seattle, WA. He will also co-lead this year's Privacy Bootcamp, an introductory preconference workshop to help professionals navigate the privacy landscape.

So, you’re a HIPAA covered entity or business associate who is in the final throes of revamping (or creating) appropriate and compliant HIPAA privacy and security policies. And, you finally think you are getting a handle on all the changes required by the new HITECH components of the HIPAA rules. And, boy, it’s been some work. So, you’re good for a while, right?

Not really. While the HIPAA privacy and security rules occupy the primary attention for healthcare entities and their business associates, there is a wide range of other privacy and security practices, rules, laws and regulations that must be met—and the laundry list is evolving almost constantly.

More from Kirk J. Nahra