Jan 16

The HIPAA Compliance of Wearable Technology

Wearable devices and smartphones are increasingly being used to collect Patient Generated Health Data (PGHD). Naturally, physicians are wondering about the security risks and HIPAA responsibilities associated with this development. Let’s examine the facts of this new use of technology, along with the safeguards clinicians should put in place to protect themselves.

What are the associated security risks with wearable devices and mobile phones?

Any time data is transferred, there is an inherent security risk to consider, and keeping that data secure is of the utmost importance. The biggest risk facing these consumer technologies is the lack of oversight and standardized regulation covering the devices and how their data is collected and transferred. Providers must be aware of these risks and take steps to protect themselves. These safeguards include encryption and strong cyber security practices.

Is there a potential for HIPAA issues with wearable tech?

Unfortunately, this question doesn’t have a simple answer. The use of wearable technology in the healthcare space is an unclear area regarding HIPAA compliance. If a consumer is using a wearable to collect health data for their own personal use, HIPAA doesn’t apply. However, when a provider asks a patient to submit the health data they collected with wearable tech, HIPAA plays a role. HIPAA applies once a wearable interfaces with a practice’s EHR system.

Remember that HIPAA regulations only apply to covered entities and business associates. This grouping includes clearinghouses, health plans, and providers. There aren’t any cut-and-dried HIPAA regulations related to wearable technology at this point. However, once a provider becomes involved in receiving data from a piece of wearable technology, that exchange is subject to HIPAA regulations.

Are there safeguards physicians should be putting into place?

First of all, medical practices and other healthcare organizations using wearable technology to collect PGHD should set up a protected space. Ideally, in this space, patients submit data that is encrypted, summarized, and then moved into the practice’s EHR software. Ensure that your patients understand where the information will be stored and what its purpose will be. In addition, it’s a good idea to look into what other privacy regulations, such as state laws, may apply to any devices you’re utilizing.

Finally, maintaining an overall level of cyber security is also important, including training your employees on policies and procedures meant to protect data. The potential benefits of collecting and utilizing PGHD through wearable technology create a strong case for analyzing your practice’s participation. If you decide to use this technology to collect data, ensure that you implement a program that is both safe and effective.

Are you a MicroMD customer who’s interested in using wearable technology to collect PGHD in your practice? Do you want to know how MicroMD can aid in this initiative? We’d love to work with you. Visit micromd.com or call 1-800-624-8832 for more information.


About

BlogMD, an educational blog powered by Henry Schein MicroMD, has been developed to help independent practices navigate the constantly changing healthcare landscape.

Our goal is to provide your practice the information you need to get you back to what you do best – healing. We blog. You heal.
