EHI Releases Report: The Case for Accountability: Protecting Health Data Outside the Healthcare System
Report Introduces an independently governed self-regulatory program for non-HIPAA-covered health data, managed by BBB National Programs.
Webinar: Data Privacy & Public Health: The Impact of COVID-19 & Where We Go From Here
OVERVIEW
The COVID-19 pandemic highlighted a number of issues in our health care system, not least of which was patient data privacy. On a normal day, questions around which rules apply to which data, at what time, and to what extent are difficult to answer – and it is only more complex in the midst of a global pandemic, when access to timely data is critical.
The second event in EHI's Public Health Modernization series, a panel of experts discussed current privacy requirements related to public health data, how this impacts our public health system, and potential steps to address the issues that arose during the pandemic.
Featured Speakers:
- Chuck Curran, Principal, Charles D. Curran Consulting LLC
- Madeline Gitomer, Senior Associate, Hogan Lovells
- Alice Leiter, Vice President & Senior Counsel, Executives for Health Innovation (EHI)
- William Marella, Vice President, Value Based Care and Data Analytics, HealthShare Exchange (HSX)
Webinar: Ensuring Provider Data Isn’t the Source of Surprises
The No Surprises Act (NSA) which went into effect on January 1, 2022, provides consumers federal protections from unexpected medical bills. One of the provisions of the No Surprises Act requires health plans to update their provider directories more frequently. This gets to the root cause of surprise billing, which is patients’ ability to easily identify which providers are in-network. If payers can update their directory in just 48 hours, as the law mandates, patients will have a much better chance of finding care that’s actually covered by their plans.
Comment Letter: 2023 – 2026 National Health Security Strategy RFI
The healthcare and public health sector is considered a critical infrastructure sector. As such, it is essential that the industry maintain robust cybersecurity protections. While the majority of the industry is privately owned, the federal government plays an integral part in the cybersecurity efforts by coordinating efforts across industry partners, such as with the National Health Security Strategy.
Please see the letter below for EHI’s responses to the specific questions in the request for information (RFI) to help shape the 2023 – 2026 National Health Security Strategy.
Report: The Case for Accountability: Protecting Health Data Outside the Healthcare System
Overview With the explosive proliferation of digital technologies, an ever-increasing amount of health data is generated by consumers themselves. This data is both held and used by companies that are not bound by the obligations of HIPAA, leaving that data largely under-protected and under-regulated. With the generous support of the Robert Wood Johnson Foundation (RWJF), the Executives for Health Innovation (EHI, formerly the eHealth Initiative) and the Center for Democracy & Technology (CDT) released the Consumer Privacy Framework for Health Data (the Framework) in February of 2021. The Framework outlines the current gaps in legal protections and discusses how non-HIPAA-covered health data should be used, accessed, and disclosed. A second round of funding from RWJF led to the development of two follow-up reports, The Case for Accountability: Protecting Health Data Outside the Healthcare System, authored by EHI, and Placing Equity at the Center of Health Care & Technology, authored by CDT. |
![]() |
The Final Report
EHI’s report makes the case for why a robust accountability mechanism is needed to govern the use of health data held and used by health tech companies. In the absence of new federal data privacy legislation, EHI has put forward a private-sector solution – a neutral, independently run self-regulatory program that will oversee the data use policies and procedures of Framework members.
Self-Regulatory Program
In January 2022, EHI launched a Request for Proposals from organizations interested in housing and running the Framework’s self-regulatory program. After careful consideration of the proposals submitted by an independent, objective committee of experts, EHI is delighted to announce that it has selected BBB National Programs to implement and house this new program, overseeing compliance with the Framework and protecting consumer health data not bound by the obligations of HIPAA.
Webinar: HIPAA for Dummies
Overview
You’re not dummies! But the legal protections surrounding health data are complicated, and we’re here to help. During the webinar, we broke down the HIPAA law, its regulations, and detailed the “wild west” landscape of protections for health data once it leaves the traditional healthcare system. Alice Leiter, Vice President & Senior Counsel, Executives for Health Innovation (EHI)
Speakers:
- Alice Leiter, Vice President & Senior Counsel, Executives for Health Innovation (EHI)
Report: Executive Spotlight: Responding to Ransomware
Actionable advice from cybersecurity experts
Preparing for the inevitable cyber attack takes time, money, and extra hard work. There is no one right way to prepare, nor is there a single solution to picking up the pieces after the attack. Ransomware events in particular demonstrate that context, insights, and diverse perspectives are critical in planning for how health delivery organizations (HDO) remain resilient to ensure patient safety and peace of mind. Booz Allen partnered with Executives for Health Innovation (EHI) to hold an expert roundtable entitled Responding to Ransomware Attacks: Practical Advice and Experiences. During the session, executives and cybersecurity experts discussed why attacks occur, how hospitals and health systems can better prepare and respond to these attacks, and the pros and cons of paying the ransom. This publication illustrates Booz Allen’s approach and EHI’s guidance to members on effectively mitigating cyber attacks against hospitals and healthcare systems, including:
|
![]() |
Webinar: EHI & CDT Release Second Phase of Consumer Privacy Framework for Health Data
OVERVIEW
Hosted by Executives for Health Innovation (EHI) and the Center for Democracy & Technology (CDT), this webinar was the culmination of a project spearheaded by EHI and CDT and generously funded by the Robert Wood Johnson Foundation (RWJF), which aims to protect consumer data that is both held and used by companies that are not bound by the obligations of HIPAA.
Webinar: Data Privacy & Public Health: The Impact of COVID-19 & Where We Go From Here
OVERVIEW
The COVID-19 pandemic highlighted a number of issues in our health care system, not least of which was patient data privacy. On a normal day, questions around which rules apply to which data, at what time, and to what extent are difficult to answer – and it is only more complex in the midst of a global pandemic, when access to timely data is critical.
Webinar: HIPAA for Dummies
OVERVIEW
You’re not dummies! But the legal protections surrounding health data are complicated, and we’re here to help. During the webinar, we broke down the HIPAA law, its regulations, and detailed the “wild west” landscape of protections for health data once it leaves the traditional healthcare system.
Speaker:
Alice Leiter, Vice President & Senior Counsel, Executives for Health Innovation (EHI)