Organization Sought to Govern Compliance with Consumer Data-Use Standards

Jan. 27, 2022
Consumer Privacy Framework for Health Data envisions organization tasked with providing onboarding and education, conducting regular audits, and developing corrective action plans

Executives for Health Innovation (EHI) is coordinating an effort to establish an organization to house a self-regulatory program to govern compliance with new consumer health data-use standards.

Over the last two years, EHI and the Center for Democracy & Technology (CDT) led a process to develop a Consumer Privacy Framework for Health Data. More than 60 organizations from across the healthcare sector participated, and public comment was sought on a set of draft standards in 2020. The final Framework privacy standards, released in February of 2021, included the input of a broad range of consumer, health, technology, civil liberties, and academic organizations. The work was funded by the Robert Wood Johnson Foundation.

The organizations noted that historically, many privacy models have placed too much emphasis on individuals consenting to the use of and access to their health data and company notifications. “These outdated privacy models have failed to protect consumers and meaningfully inform them about how their data might be or is actually used,” they noted.  

The Framework involves a detailed set of data use limits. It covers all information that can be used to make inferences or judgments about a person’s physical or mental health by virtue of a broad definition of “consumer health information.” It applies to all non-HIPAA-covered entities that collect, disclose, or use consumer health information, regardless of the size or business model of the covered entity.

EHI has issued a Request for Proposals (RFP) that focuses on the recommendation made in the Framework to create a self-regulatory program. EHI is seeking an organization to stand up the program, house and manage it. EHI encourages proposals from organizations with experience initiating, implementing, and managing certification and self-regulatory programs, preferably within or related to the health and/or technology sectors.

A governance body tasked with managing member companies, providing onboarding and education, conducting regular audits, and developing corrective action plans or further disciplinary actions – including direct referral to the Federal Trade Commission (FTC) for non-compliance, would provide real, consequential accountability in the absence of federal legal obligations.

All proposals and supporting documents must be submitted electronically by e-mailing the materials to [email protected] by Friday, Feb. 11,2022, at 5:00 PM EST.

Sponsored Recommendations

Elevating Clinical Performance and Financial Outcomes with Virtual Care Management

Transform healthcare delivery with Virtual Care Management (VCM) solutions, enabling proactive, continuous patient engagement to close care gaps, improve outcomes, and boost operational...

Examining AI Adoption + ROI in Healthcare Payments

Maximize healthcare payments with AI - today + tomorrow

Addressing Revenue Leakage in Hospitals

Learn how ReadySet Surgical helps hospitals stop the loss of earned money because of billing inefficiencies, processing and coding of surgical instruments. And helps reduce surgical...

Care Access Made Easy: A Guide to Digital Self Service

Embracing digital transformation in healthcare is crucial, and there is no one-size-fits-all strategy. Consider adopting a crawl, walk, run approach to digital projects, enabling...