Legislation & Lobbying

Health data isn't secure; 'antiquated' HIPAA needs to regulate Facebook and Google, experts say

  •  
  •  
  •  
  • Print

Millions of patient medical records are being breached because of inadequate security measures, says a Journal of the American Medical Association study of government records published on Tuesday.

Frequent problems included outright theft of records and health companies relying on third parties to safeguard patient information, reports the Los Angeles Times (sub. req.).

“The personal information of patients in the United States is not safe, and it needs to be,” said the Commonwealth Fund’s Dr. David Blumenthal and partner Deven McGraw of Manatt Phelps & Phillips in an accompanying editorial.

Among needed improvements, the two said, is an overhaul of the “antiquated and inadequate” Health Insurance Portability and Accountability Act. It does not focus on Facebook and Google, for instance, but needs to: Whether intentionally or otherwise, the social media giants collect health data and “and could become major custodians of data in the future,” the editorial says.

Give us feedback, share a story tip or update, or report an error.