Association of American
Medical Colleges
AAMC Wants HHS to Tighten HIPAA Privacy Standards for Individually Identifiable Health Information
The Association of American Medical Colleges has called on the Department of Health and Human Services to tighten privacy standards related to individually identifiable health information under the Health Insurance Portability and Accountability Act.
AAMA raised concerns regarding the confidentiality of protected health information after the HHS proposed changes to the HIPAA privacy rule. The proposal centered on modifications aimed at supporting individuals’ engagement in their care, removing barriers to coordinated care and reducing regulatory burdens on the health care industry.
In its feedback, the organization expressed concern about the increasing role of non-HIPAA entities in accessing PHI. Personal health application developers and vendors are a particular cause of concern, AAMC said.
According to the AAMC, the transfer of PHI through personal health apps should only be allowed if the app vendor has been vetted by an independent organization for meeting minimum privacy and security standards.
The AAMC also recommended that the in-person capturing of PHI be balanced with reasonable health care provider parameters.
In addition, the organization suggested that health care providers be given discretion to fulfill requests to direct PHI to third parties.
The AAMC also asked the HHS in its comments to harmonize the definition of electronic health records with the Health Information Technology for Economic and Clinical Health Act, making it so that EHRs are defined as clinical records created and maintained by health care providers. Doing so would prevent an overwhelming record-keeping burden on providers, the organization said.
The HHS first announced its proposed modifications to the HIPAA rule in December 2020. Comments to the modifications were initially due March 22 but the deadline was later extended to May 6.
Category: Federal Civilian