Privacy and Security Violations in Healthcare Are Like the Personal Fouls of Football

  1. Google as a California company is subject to CCPA which goes into effect this Jan and retroactively is applied to last June.
  2. Google (or anyone else) is supposed to inform patients prior to doing anything with their data.
  3. A company can use patient data for research but it should be only for a definition of the public interest that outweighs the responsibility to patient privacy.
  4. Software development does not seem to apply to the above unless it can be defended as directly impacting healthcare operations.
  5. For real application development, Google or anyone should be using only de identified data instead of full PHI that isn’t masked.
  6. Compliance wondered how many accounting disclosures this will trigger and if Google had in place the level of logging necessary to comply with an accounting of disclosure request.
  7. One prominent lawmaker is calling for a moratorium to be applied to any similar deals involving any company already under a consent-decree agreement for serious privacy and security violations.

List of Football Penalties (NFL) — dummies

Soccer: Fouls and Penalties Rules — Ducksters

Basketball: Penalties for Fouls — Ducksters

By: Sherri Douville CEO & Board Member, Eric Svetcov CTO/CSO, & Eric Roth, VPO at Medigram with Legal Counsel



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store