Medical gadgets have been a notable and increasingly prominent addition to the health landscape in the last few years.
Yet despite the benefits of such technology there is currently a distinct lack of legislation and regulation related to them.
In the United States, legislators are currently tackling this issue, with the Obama administration addressing the paucity of guidance for manufacturers of such devices.
It is well known among American government experts that the federal patient privacy law known as HIPAA (Health Insurance Portability and Accountability Act of 1996) has not kept pace with wearable fitness trackers, mobile health apps and online patient communities.
This was noted in a recent damning and delayed government report, which was actually supposed to have been compiled by the end of 2010.
Yet the US Department of Health and Human Services has frustrated many observers of both the technology and healthcare industries in the United States by failing to provide specific recommendations, despite being asked for them by the federal government.
The existing Health Insurance Portability and Accountability Act, the landmark 1996 patient-privacy law, only covers patient information kept by health providers, insurers and data clearinghouses, as well as their business partners.
Technology such as Fitbit falls outside of this legislation, yet enables users to store a huge amount of personal health information and data.
The new report has been compiled by the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology, in conjunction with other agencies, and notes that there is a legislative gap related to health devices.
“Health privacy and security law experts have a reasonably clear idea of where HIPAA protections end, but the layperson likely does not. Moreover, even entrepreneurs, particularly those outside the health care industry…may not have a clear understanding of where HIPAA oversight begins and ends,” the report observes.
But the authors of the report nonetheless suggest that it is an important milestone in the regulation of this industry, stating that readers can ultimately draw their own conclusions from the findings outlined in the text.
“At the end of the day, it’s a very complicated environment that we find ourselves in,” Lucia Savage, chief privacy officer at the Office of the National Coordinator for Health Information Technology, which took the lead on the report, suggested. “We believe we’re fulfilling our duties. If Congress has concerns about that, I’m sure that we will hear about them.”
A study conducted in 2014 assessed 600 of the most popular used health apps, and discovered that less than one-third have explicit privacy policies.
And policies on Apple and Google mobile phone platforms “may be inconsistent, not articulated to individuals, or simply ignored by web developers skirting the rules that operating system developers attempt to impose on them,” according to the recently published report.
This can be considered of particular concern to the UK healthcare system, considering the recent public-private partnership between Google and the NHS.
The new US report can be seen as a stepping stone to the safeguarding of this crucial area of technology.