When the Health Insurance Portability and Accountability Act, better known as HIPAA, was passed in 1996, AOL was just beginning to crawl and the iPhone was just a twinkle in Steve Jobs’ eye. But with advancing technology and changing caregiver circumstances, the question of who gets to see medical records is one that is constantly evolving.
Apps like Snapchat, where an image can be taken on a phone, sent quickly, and deleted after a certain amount of time, could bring new ways for doctors to more accurately diagnose by getting a second opinion. Updated networks such as Samsung’s proposed 5G could make diagnosis easier from remote places. And as ACOs are looking towards mobile devices for help in getting the best results in the face of the Affordable Care Act, HIPAA remains an issue as to consider.
The HIPAA Security Rule, which was finalized in 2003, states that any organization that is responsible for information has to ensure confidentiality, integrity, and availability of all electronically protected health information, or e-PHI. Organizations who want to fall under this security rule typically have to undergo risk analysis in order to make sure that they’re safe enough to store e-PHI, and has safeguards such as access control and transmission security. Typically, this is applied to health plans, health care clearinghouses, and any health care provider that transmits medical information in an electronic format.
Rick Valencia, general manager of Qualcomm Life, says that HIPAA was a big part of developing their 2net system, which acts as a home hub for medical devices to transmit information from patients to doctors, hospitals, and pharmacies. “What we capture is the biometric reading, just heart rate, blood pressure,” he says. “When we get it, we don’t even know whose it is. We don’t know the name, or anything [about] the patient.”
Since the system only reads data numbers and not personal patient information, this makes the system HIPAA-compliant. Valencia also added that, since Qualcomm Life handles 16 million transactions a day, including plenty of financial transactions. “The level of security on the platform exceeds the requirements for HIPAA,” he says.
There’s one thing for certain – technology is not going to slow down any time soon, and while many health care providers are looking to keep up, the laws may not necessarily do so. This leaves a lot of gray areas in the dawn of the era of the Affordable Care Act, where there is a focus more on health care results.
Reina V. Slutske is the assistant editor for MD+DI.