TRENDING:

COVID-19 , Electronic Healthcare Records , Governance & Risk Management

ONC's Donald Rucker: More Work to Do on Health Data Privacy

'As a Country, We Really Haven't Sorted Out Privacy' Marianne Kolbasuk McGee (HealthInfoSec) • July 30, 2020    
Don Rucker, M.D., national coordinator for health IT, HHS

Despite recently adopted final regulations designed to enhance health IT interoperability, prevent the blocking of patient information sharing among clinicians and ensure patients have secure access to their health information, many health data privacy issues still need to be addressed, says Don Rucker, M.D., national coordinator for health IT at the Department of Health and Human Services.

See Also: OnDemand | Making the Connection Between Cybersecurity and Patient Care

“As a country, we really haven’t sorted out privacy. The Europeans with their global digital privacy directives are taking a stab at it,” he says in an exclusive video interview with Information Security Media Group.

Rucker points to the need to ensure that health data collected by location-based technologies, wearable devices and websites is adequately protected. “I don’t think any sort of reasonable person looking at this would say we’ve really sorted out … what’s appropriate to share and when.”

’Faux’ Consent

Rucker also says “we still have a long way to go” to ensure that patients have a clear-cut right to consent to how their data is used.

“Getting a three-page consent form when you’re rolled into the ER or pre-op for surgery ... is not really consent. It’s a contract of adhesion, legally,” he says. “We do a lot of what I call ‘faux consent’.”

In this in-depth video interview, Rucker also discusses:

  • How more widespread health IT interoperability, secure health information exchange and patient access to records could have helped during the COVID-19 pandemic;
  • Health data security and privacy regulatory issues falling outside of HIPAA;
  • The status of HHS enforcement of the 21st Century Cures Act health IT provisions, including regulations that prohibit the blocking of patient information sharing;
  • Top privacy and security priorities and projects at ONC for the remainder of this year.

Before being named HHS’ national coordinator for health IT in 2017, Rucker was a professor at Ohio State University and chief medical officer of Premise Health, a worksite clinic provider. Rucker started his informatics career at Datamedic Corp. and later served as chief medical officer at Siemens Healthcare USA. He has also practiced emergency medicine at Kaiser in California, Beth Israel Deaconess Medical Center in Boston, the University of Pennsylvania's Penn Presbyterian and Pennsylvania Hospitals and at Ohio State University’s Wexner Medical Center.

Previous
Former Twitter Staffers Face Additional Charges
Next
Lazarus Group Reportedly Now Wielding Ransomware

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.



Around the Network

Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.