Lawmakers blast 'sluggish' response by HHS on HIPAA technical guidance
Lawmakers say the U.S. Department of Health and Human Services' progress on promised updated technical compliance guidance for HIPAA has been "sluggish" and "disappointing."
"While HHS can point to the publication of a single document earlier this month as progress, the sum of its efforts reveals a worrisome lack of urgency," they write in a letter to HHS Secretary Sylvia Mathews Burwell.
Signatories of the letter include Reps. Tom Marino (R-Pa.), Peter DeFazio (D-Ore.), Ted Lieu (D-Calif.), Suzanne Bonamici (D-Ore.), Blake Farenthold (R-Texas), Renee Ellmers (R-N.C.), Earl Blumenauer (D-Ore.) and Rep. Will Hurd (R-Texas).
Continued lack of clarity about how HIPAA applies in a mobile environment prevents consumers from benefiting from connected health technologies, the letter states. Developers aren't sure how the law applies to them, and doctors and hospitals are reluctant to adopt these technologies without clear guidance.
The lawmakers decry the lack of follow-through on commitments HHS made in 2014, which include:
- Clarify what tech companies need to do to be in compliance and implement standards to help them do so
- Specify the requirements for services that store data in the cloud
- Engage regularly with tech companies to help them achieve compliance
Lawmakers began pressing the issue in response to a letter to Marino from ACT-The App Association, which represents more than 5,000 mobile app players. FierceMobileHealthcare reported in January 2015 that HHS was working with ACT to provide clearer and more accessible regulatory guidance on the issue.
"Today's letter will hopefully send a signal to HHS that they need to bring their approach to healthcare in line with the technological advances of the 21st Century," Marino said in a statement emailed to FierceMobileHealthcare. "The plodding pace with which they've updated HIPAA guidance as it relates to mobile technology is unacceptable. I am hoping that our letter restarts the progress that began in a promising way with their response to our first letter in 2014. More attention to these technologies, and an open dialogue with Congress, presents the potential for improving the doctor-patient relationship, and innumerable beneficial health outcomes."
Earlier this month, HHS released a four-page publication on how HIPAA applies to mobile health apps.
To learn more:
- read the letter (.pdf)
Feds to clarify HIPAA for mobile health developers
Outdated federal regs may pose threat to mHealth innovation
Lawmakers lobby feds to update regulatory guidance for mHealth apps
HIPAA and mHealth: OCR unveils new guidance on role of developers