The increasingly rapid growth of technology has been reshaping the world for several decades now. Tomorrow's gadgets give us capabilities and access to information in ways that we couldn't imagine yesterday, continually delighting (or horrifying) us.
New products and innovations are created, and the current system has to adapt to accommodate them. This fact has become very apparent in the healthcare industry, where the latest devices and treatment methods are changing how and where healthcare is being delivered.
These changes bring into question the security of patient data in healthcare, which has been under strict government regulation. Privacy of patient data is a major concern, and laws like HIPAA along with the FDA approval process have traditionally guided how healthcare providers store, use, and transmit that data.
But entrepreneurs and inventors are coming up with medical protocols and devices that the writers of HIPAA didn't see coming, and many in the industry are struggling to fit their products into those older regulations. In many cases, guidelines written for an older time are preventing new, good ideas from flourishing.
This is the dilemma being faced by federal healthcare regulators: how do you encourage innovation and growth in healthcare while protecting patient privacy?
Balancing Patient Privacy with Innovation
Healthcare providers want to be able to do their job well, and so they've been pushing the government to develop better regulations that fit the modern world.
A clear set of laws and guidelines would make it easier for healthcare providers to create products, tools, and methods that would deliver a higher level of care. Confusing legislation written for an older time is only getting in the way of medicine today.
This situation creates a major hurdle for any small healthcare startup with a great idea: it's very expensive to comply with medical regulations, a process that not only includes building secure software but also hiring attorneys to be sure that you're in proper compliance with the law. This is a lot to deal with, especially compared to other industries where a young entrepreneur won't face so many hoops to jump through.
Healthcare Blocks is a startup in Nashville, Tennessee, that was founded to help solve this problem. Instead of finding and paying for an expensive compliance attorney, Healthcare Blocks offers medical startups a simpler solution to staying HIPAA-compliant. Phil Misiowiec, founder of the company that became Healthcare Blocks (formerly called Atlas Health), said that startups need a cheap and easy way to comply with the law.
“I realized areas of HIPAA are really murky. You have to spend a lot of time digging through it. It is like reading an encyclopedia,” he said. “... A two-person company developing a mobile app doesn’t have that kind of money, so that is where we come in.”
Concerns about the security of new healthcare tech are understandable, but it should be mentioned that being HIPAA-compliant does not necessarily mean that patient data will be secure. There are a surprising number of data breeches being reported at HIPAA-compliant facilities, affecting the privacy of thousands of patients.
The FTC Responds with a Mobile Health App Tool
It seems that the federal government has heard the complaints of healthcare providers. The FTC (Federal Trade Commission) has recently created a tool to help mobile health app developers figure out which regulations might apply to their apps.
This tool asks developers some basic questions about what their app does, the types of data it collects, and if they are associated with any healthcare providers. If you answer “yes” to certain questions, you'll be given some information on the regulations you need to comply with, and links to further resources.
Another website, set up by the Office for Civil Rights of the U.S. Department of Health and Human Services, is asking for comments and questions from health app developers. They want to know what concerns they have about HIPAA, and in particular are asking about the areas that developers want guidance in. What regulations are most confusing?
The healthcare industry is moving much faster than it used to, leaving regulators scrambling to catch up. But at least the problem is getting out into the open, becoming a topic of conversation on both sides. Innovators are pushing the boundaries, and the government is now responding at a better pace.
HeroX is hosting the CHIME National Patient ID Challenge, a contest to come up with a better way to quickly and easily identify patients. Time is running out, so submit your own ideas for a chance to win $1,000,000!