illustration of wearable technology

Wearable Tech Triggers HIPAA

Does HIPAA Apply?

Your FitBit, Smartwatch or hearing aid, if not connected or communicating to a healthcare provider, is not affected by HIPAA. But when you provide the data to a doctor or a health plan, HIPAA kicks in. The responsibility for compliance is on the provider or the health plan, and those organizations should make sure they comply with HIPAA.

Business Associates

A potential gap in protecting privacy is represented in the number of business associates connected to patient data. Business associates of healthcare providers and health plans also need to comply with HIPAA. Those are the entities that create, receive, maintain or transmit protected health information on behalf of healthcare providers and health plans. In wearable tech, that’s a lot of organizations who are just beginning to develop HIPAA compliance programs. Think Apple, AT&T, Google, Cisco, IBM, Verizon and Amazon.

Value of Wearable Tech

The use of wearable technology is expected to grow because it can improve health outcomes. Studies have shown that remote monitoring can reduce risk of predictable conditions, like stroke. The Journal of the American Medical Association on July 10 published the results of a study aimed at reducing strokes by monitoring patients with atrial fibrillation. The wearable device was much more likely to detect atrial fibrillation more quickly, allowing for immediate intervention and saving lives. More info about the studies here. Some patients are initiating the sharing of their information with their healthcare providers, and insurance companies are beginning to request that PHI be shared. As home health and chronic disease management become more prevalent, the growth in this market will be driven by improved outcomes, convenience and cost reductions. One report projects a growth from $4.36 billion in 2018 to $6.59 billion by 2023.

Risks

The security of electronic transmission is more critical with wearable devices in healthcare. Opportunities for theft through hacking abound by introducing multiple entities and transmission pathways. All the business associates who make this possible, and every covered entity using the data need to understand their HIPAA responsibilities and take steps to protect the privacy of patients who the new technology is designed to serve.

Share This Post

Maggie Hales

Maggie Hales is a lawyer focusing on health information privacy and security. As CEO of ET&C Group LLC she advises health care providers and business associates in 36 states, Canada, Egypt, India and the EU, using The HIPAA E-Tool® to deliver up to date policies, forms and training on everything related to HIPAA compliance.

Copyright © 2023 ET&C Group LLC.

The HIPAA E-Tool® and Protecting Patient Privacy is Our Job®
are registered trademarks of ET&C Group LLC

Terms of Use | Privacy Policy | Cookies Policy | Privacy Settings | HTML/XML Sitemap

Mailing Address
The HIPAA E-Tool
PO Box 179104
St. Louis, MO 63117-9104

Office
8820 Ladue Road Suite 200
St. Louis, MO 63124

Powered by JEMSU