DOC’s guest author Ed Carter brings us the important topic of health data protection. Here is his article.

Are Your Smartwatch and Fitness Apps Compromising Your Health Info? Here’s What Consumers Need to Know.

These days, health-related tech is in high demand. Wearable devices like smartwatches and Fitbits help us track our daily activities with crucial biofeedback. A smartwatch can also be a wonderful tool for business owners. Meanwhile, there are countless smartphone and tablet apps for everything from monitoring sleeping patterns and getting enough exercise to ensuring proper nutrition and avoiding certain food allergies.

Unfortunately, the U.S. Health Insurance Portability and Accountability Act (HIPAA) isn’t always enough to keep our health information out of the wrong hands. Before assuming tech companies have your best interests in mind, Ed Carter from https://ablefutures.org, who is a guest author of this post on DocOffClock, provides some key questions to ask yourself:

What is HIPAA? Who Must Follow HIPAA Regulations?

  • HIPAA is short for the Health Insurance Portability and Accountability Act. According to the California State Government, HIPAA “mandates industry-wide standards for health care information on electronic billing and other processes.” Read more.

  • The Hill states that, according to HIPAA guidelines, any third party that conducts business with a HIPAA-covered entity must have a contract in place that details their responsibilities and requires HIPAA compliance. Regarding wearables, HIPAA does not apply if the tech company does not share the health data with health-care providers. But the patient data collected by a doctor-provided wearable device will be covered under HIPAA. Read more

What Are the Risks to My Personal Health Information?

  • When it comes to fitness trackers and risks, VPN Overview poses the hypothetical that “the information stored on the servers of the tracking company could be hacked. After all, if hacking one fitness tracker could yield valuable information, hacking the information of thousands of users is even more valuable. Hackers may sell the information or attempt to ransom it back to the fitness tracking company. Once the information is outside the company’s control, what happens next is anyone’s guess.” Read more

  • And in an interview with MedCity News, UC Berkeley Professor Anil Aswani posits that “another potential scenario could be a technology company like Facebook or Google collecting activity data as part of a research project then combining existing data resources – including purchased medical records – to tie a person to their health records and sell that information to advertisers, researchers or other companies.” Read more

As a Consumer, What Are My Options?

  • According to the BBC, critics say there’s “too much onus on the consumer to navigate an opting-out system [on fitness apps]. Then there is the fear that hackers could access [an app’s] database and find the details of individual users.” Read more.

  • “When you get a new fitness tracking device, it's tempting to blow through the setup process so you can get started using it right away. But accepting the default privacy settings can be dangerous,” Experian warns. Instead, “check whether the service is collecting and sharing your stats and locations.” Read more.

How Can Medical Practices and Tech Companies Protect My Health Information?

  • Travelers states that “first and foremost, wearable devices should be engineered with data security in mind. Manufacturers have the burden of proof to show that data detected by their device was properly safeguarded.” This includes security customization options for the user, the ability to erase data at any time and encryption of the personal credentials used to access information (e.g., PINs and passwords). Read more

  • “To truly protect patient data,” Health Informatics states, “healthcare organizations need to have policies in place to minimize the chance that information will be compromised. Members of the HIM (health information management) department are often responsible for creating and maintaining these types of standards, which aid providers and other employees in handling data properly to protect patient privacy and security.

“HIM professionals can also have an influence that extends far outside a single healthcare organization. Rules and regulations related to HIM are created at state and federal levels to protect patients throughout the U.S. This is becoming increasingly important as groups strive to create interoperable systems to manage patient information.” Read more.

  • “Healthcare organizations and business associates that want to prove their compliance with HIPAA and other relevant regulations may conduct a Self-Assessment, or they may opt to become HITRUST CSF Validated or HITRUST CSF Certified. These three options are known as Degrees of Assurance, or levels of confidence that an organization meets all relevant HITRUST requirements,” explains Datica. Read more

Don’t compromise your health records and privacy by assuming tech companies are complying with HIPAA or HITRUST requirements. Instead, do your research to proactively protect your information. Read privacy policies and show good judgment when discerning which apps, smart devices, and social networks you’ll use. 


Ed Carter has worked with clients of all ages, backgrounds and incomes. About 10 years into his career, he saw a need for financial planners who specialize in helping individuals and families living with disabilities. He is the guest author of this post and is responsible for fact-checking the links and materials he presented.


DocOffClock is your source for tips, ideas and articles relating to healthy lifestyle, nutrition, cooking at home, fostering your garden, staying well and paying attention to your fitness. Reach out to Kat Seibert today for more info! 
