When Apps get Your Medical Data, Your Privacy May Go With It

“All we’re saying is that patients have a right to choose as opposed to the right being denied them by the forces of paternalism,” he said.

CreditDepartment of Health and Human Services

The Department of Health and Human Services proposed two new data-sharing rules this year to carry out provisions in the 21st Century Cures Act, a 2016 law designed to speed medical innovation.

Dr. Rucker’s office developed the one that would allow patients to send their electronic medical information, including treatment pricing, directly to apps from their health providers. It will require vendors of electronic health records to adopt software known as application programming interfaces, or A.P.I.s. Once the software is in place, Dr. Rucker said, patients will be able to use smartphone apps “in an Uber-like fashion” to get their medical data.

To foster such data-sharing, a coalition of tech giants — including Amazon, Google and Microsoft — has committed to using common standards to categorize and format health information. Microsoft, for instance, has developed cloud services to help health providers, insurers and health record vendors make data available to patients.

“What that lets an individual consumer do is to connect an app or service of their own choice into their health care records and pull down data about their historical lab tests, about their medical problems or condition, about medication prescription,” said Josh Mandel, chief architect for Microsoft Healthcare.

The other proposed rule, developed by the Centers for Medicare and Medicaid Services, would require Medicare and Medicaid plans, and plans participating in the federal health insurance marketplace, to adopt A.P.I.s so people could use third-party apps to get their insurance claims and benefit information.

The regulations are expected to become final this year. Health providers and health record vendors will have two years to comply with the A.P.I. requirements. Electronic health record vendors that impede data-sharing — a practice called “information blocking” — could be fined up to $1 million per violation. Doctors accused of information blocking could be subject to federal investigation.

Source link