A bill introduced this week - and
another introduced this past June - aim to protect patient health data gathered
on consumer-facing mHealth wearables like smartwatches, fitness bands and even
apps.
November 15,
2019 - Congress is jumping into the long-simmering debate over the
protection of health data on consumer-facing mHealth wearables.
US Senators Bill
Cassidy (R-LA) and Jacky Rosen (D-NV) have introduced a bill this week that
aims to define how data gathered on smartwatches, fitness bands and other
connected health devices – including mHealth apps - dis protected and prevent
“entities that collect consumer health information” from exposing that data to
other parties.
“The introduction of
technology to our health care system in the form of apps and wearable health
devices has brought up a number of important questions regarding data
collection and privacy,” Rosen said in a press release announcing
the bill, to be called The Stop Marketing And Revealing The Wearables And
Trackers Consumer Health (SMARTWATCH) Data Act. “This commonsense, bipartisan
legislation will extend existing health care privacy protections to personal
health data collected by apps and wearables, preventing this data from being
sold or used commercially without the consumer’s consent.”
The bill’s
introduction comes amidst a flurry of news in the consumer-facing mHealth
arena, including Google’s pending purchase of Fitbit and the announcement that the tech giant will be working
with Ascension – the largest non-profit health system in
the US – to integrate mHealth technology and data collection into the health
system’s care programs.
“The Google/Ascension
news has brought needed scrutiny to the security of Americans’ health data,”
Cassidy said in the press release. “The SMARTWATCH Act prevents big tech data
harvesters from collecting intimate private data without patients’ consent.
Americans should always know their health information is secure.”
The bill defines
consumer health information as “any information about the health status,
personal biometric information, or personal kinesthetic information (such as
keystroke or gait patterns and sleep information) about a specific individual
that is created or collected by a personal consumer device, whether detected
from sensors or input manually.” This would include not only physiological,
biological and behavioral data, but “deoxyribonucleic acid, imagery of the iris,
retina, fingerprint, face, hand, palm, vein patterns, and voice recordings,
from which an identifier template, such as a faceprint, a minutiae template, or
a voiceprint, can be extracted.”
Under the bill, the
organization that collects that data would be barred from transferring,
selling, sharing or allowing access to that data, unless aggregated and
anonymized, to “any domestic information broker or other domestic entity” whose
primary function is to analyze that information for profit or whose primary purpose
is to add commercial value to the entity collecting the data.
The bill goes on to
direct the Health and Human Services Secretary to treat violations in the same way that it would treat HIPAA (Health and
Insurance Portability and Accountability Act) violations.
The legislation
mirrors a bill introduced in June by Senators Amy Klobuchar (D-MN) and Lisa
Murkowski (R-AK) that aims to protect consumer health information not protected
under current laws.
The Protecting Personal Health Data Act (S.1842) would
require the development of regulations that strengthen privacy and security protections,
including setting consent standards that address genetic, biometric and general
personal health data, and give consumers the ability to access, amend and
delete their data. It would also create a National Task Force on Health Data
Protection that would:
·
evaluate
and provide input to address cybersecurity risks and privacy concerns
associated with consumer products that handle personal health data, and the
development of security standards for consumer devices, services, applications,
and software; and
·
study
the long-term effectiveness of de-identification methodologies for genetic and
biometric data, and advise on the creation of resources to
educate consumers about direct-to-consumer genetic testing.
https://mhealthintelligence.com/news/congress-eyes-privacy-protections-for-data-on-mhealth-wearables
No comments:
Post a Comment