CHIME Applauds Federal Trade Commission’s Actions to Secure Consumer Health Data
CHIME welcomes clarified definition of “personal health record” and Trade Commission’s intent to monetarily penalize bad actors.
WASHINGTON, DC, September 16, 2021 – The College of Healthcare Information Management Executives (CHIME), the professional organization for chief information officers and other senior healthcare IT leaders, expresses enthusiastic support for the Federal Trade Commission’s (FTC’s) statement from Sept. 15, 2021 clarifying the definition of a personal health record under its Health Breach Notification Rule to include third-party apps and the FTC’s intent to hold non-HIPAA covered third-parties responsible for the disclosure of that personal health information.
These actions from the FTC will make a patient’s data more secure and help ensure that those entities who have a breach of this crucial private data are held accountable. Not only does it hold bad and insecure actors accountable, but it also creates a disincentive that urges all personal health records to strengthen their data security practices. The Office of the National Coordinator for Health Information Technology (ONC) information blocking final rule took effect in 2021 and with it brings the awaited delivery of Fast Healthcare Interoperability Resources (FHIR)-enabled application programming interfaces (APIs) to enable even more data flow, making the FTC’s announcement timely and welcome.
“We at CHIME advocated directly for the expansion of the personal health record definition and for the utilization of the FTC enforcement authority in comments to the agency last year, and we are happy to see our concerns directly addressed,” CHIME Policy Steering Committee Co-Chair Scott MacLean said. “Patient data safety is crucial for maintaining trust in the patient-provider relationship, and ensuring that patients’ data remains safe even when they are outside of the four walls of the hospital only helps strengthen that bond.”
CHIME looks forward to supporting the FTC in its efforts to implement these policy changes. We have long stood as staunch supporters of all efforts in both Congress and the Federal Agencies that ensure patient data stays secure and is never compromised in a way that could jeopardize patient care or trust in the American healthcare system. As we near the end of Fiscal Year 2021 and begin Fiscal Year 2022, CHIME will continue to support all new and continued efforts to build on this week’s important and welcome FTC action.
The College of Healthcare Information Management Executives (CHIME) is an executive organization dedicated to serving chief information officers (CIOs), chief medical information officers (CMIOs), chief nursing information officers (CNIOs), chief innovation officers (CIOs), chief digital officers (CDOs) and other senior healthcare IT leaders. With more than 5,000 members in 56 countries plus two U.S. territories and over 150 healthcare IT business partners and professional services firms, CHIME and its three associations provide a highly interactive, trusted environment enabling senior professional and industry leaders to collaborate, exchange best practices, address professional development needs and advocate the effective use of information management to improve the health and care in the communities they serve. For more information, please visit chimecentral.org.
Editor, Communications & Media Relations