5 Top Health Data Regulatory Issues to Watch in 2020Privacy Attorney Kirk Nahra on Critical Potential Developments to Monitor
What are some of the most important health data privacy and security regulatory developments to watch in 2020? Privacy attorney Kirk Nahra of the law firm WilmerHale discusses what he sees as the top five issues in the year ahead.
Among critical developments he's monitoring are potential updates or changes to HIPAA (see HHS Seeks Feedback on Potential HIPAA Changes).
In December 2018, the Department of Health and Human Services issued a request for information seeking public comment on potentially modifying the HIPAA rules to "reduce the regulatory burden" and to improve coordination of patient care.
HHS received more than 1,300 comments, and a proposed rule could be issued soon, Nahra notes.
"What was interesting about the RFI is that while it covered a variety of topics, it largely seemed to be focused on whether the HIPAA Privacy Rule actually impedes certain kinds of activities that the government views desirable," Nahra says in an interview with Information Security Media Group. That includes examining whether the rule is an obstacle to more coordinated care, he says.
In the RFI, "there were also undertones on ... the opioid crisis - and this sense in the government on whether somehow this crisis could have been averted or reduced if there had been better information sharing," he says.
In this installment in a series of "2020 Visions" interviews with thought leaders about trends in the new year (see audio link below photo), Nahra also discusses:
- Other considerations related to potential updates to HIPAA;
- HIPAA enforcement trends, including penalties for compliance violations involving individuals' right to access their health information;
- Potential regulatory and legislative developments related to health data not covered under HIPAA;
- The California Consumer Privacy Act and other state privacy regulations;
- Privacy issues involving health data used for medical research.
Nahra is a partner with WilmerHale in Washington, D.C., where he co-chairs the global Cybersecurity and Privacy Practice. He represents companies in a wide range of industries in analyzing and implementing the requirements of privacy and security laws across the country and internationally, including advice on data breaches, enforcement actions, big data issues, contract negotiations, business strategy and overall privacy, data security and cybersecurity compliance.