Partner Reece Hirsch recently attended and spoke at the 2020 Health Datapalooza held in Washington, DC. This year, Health Datapalooza was co-located with the National Health Policy Conference, providing attendees with an opportunity to participate in both events and hear the latest developments in digital health and health policy innovation.
Reece presented alongside Elisa Jillison of the Federal Trade Commission (FTC) and Linda Sanches at the US Department of Health and Human Services (HHS) on “Digital Health Privacy: FTC and OCR Perspectives.” For companies venturing into the digital health space, privacy and security are critical issues that must be addressed from day one. Digital health companies face unique privacy regulations as they are monitored by both the FTC and the HHS Office for Civil Rights (OCR).
This interactive session examined hypotheticals that explore which privacy and security rules apply to a wide range of digital health companies, from mobile health apps to personal health records to voice-activated devices. Here are some key takeaways for digital health companies:
- Navigating this new digital health privacy landscape requires
- keeping an eye on the latest enforcement actions by OCR, FTC, and state attorneys general;
- reviewing the latest guidance documents interpreting laws and regulations like Health Insurance Portability and Accountability Act (HIPAA) and Section 5 of the FTC Act; and
- incorporating emerging privacy and security best practices, including Privacy by Design and Security by Design.
- Many digital health companies straddle multiple privacy and security regulatory regimes.