Kirk Nahra, Deven McGraw
The health care industry is reasonably comfortable with the HIPAA framework and rules. However, it is increasingly clear that the HIPAA rules – due to its tortured legislative history – miss much of the health care information that is being created today. At the same time, new laws – at the state, federal and international levels – are creating inconsistencies and awkward overlaps with HIPAA, for covered entities and others. In addition, as health care programs increasingly become aware of “non-health” factors in individual health – think social determinants of health or other factors involving non-obviously health information that is beneficial to health analytics or partnerships with non-traditional providers – that the HIPAA rules also may not be sufficiently supportive of some of these modern efforts. This is an increasingly important direction for health plans in general and is driving mandates from CMS and Medicaid programs as well. This session will explore these issues and identify how the health care privacy rules need to adapt to this new environment.
Kirk Nahra, Partner, WilmerHale
Deven McGraw, Chief Regulatory Officer, Ciitizen