June Compliance Tip
Wearable Medical Devices – Safe or Sorry?
Wearable medical devices are rising in popularity. Over the next few years, the devices could become the norm and be used throughout the healthcare industry. According to a study by Tractica, device shipments will increase from 2.5 million units in 2016 to 97.6 million by 2021.
HIPAA Privacy Infractions? Some regulators and lawmakers are concerned about whether or not these apps should be subject to the HIPAA Privacy Rule. Recently, The App Association asked for a "more-sensible implementation of health privacy laws to ensure that the implementation better fits today's mobile world." This is becoming a very controversial debate.
Implementation Support: To support the implementation of HIPAA-compliant mobile apps, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced a web-based tool. This interactive tool will help developers of health-related mobile apps understand what regulations may apply to them. Laws that apply may include the Health Insurance Portability and Accountability Act (HIPAA), the Federal Food, Drug, and Cosmetic Act (FD&C Act), and others.
Bottom Line: Of course, the final responsibility for the safety of PHI on wearables used in the healthcare setting lies with the healthcare provider. "These devices contain the person's address, date of birth, group number — that's stuff hackers can use for a long time and get a lot of benefit out of," said Gary Davis, chief consumer security evangelist at Intel Security. Davis dubbed 2015 "the year of the health-care breach," due to the increase in big insurance companies and hospitals targeted by hackers.
To be Safe: Your approach as a covered entity to incorporating wearable technology into your plans of care should protect your patients and your practice. We would suggest that you account for the use of wearables in your HIPAA policies and procedures—even if the device itself has been branded HIPAA-compliant.
If you have any questions, please contact one of our professional consultants by emailing www.healthcarecompliancepros.com.