Abstract

http://ssrn.com/abstract=2298158
 


 



The Future of HIPAA in the Cloud


Frank A. Pasquale III


University of Maryland Francis King Carey School of Law; Yale University - Yale Information Society Project

Tara Adams Ragone


Seton Hall University School of Law, Center for Health & Pharmaceutical Law & Policy

June 30, 2013

Seton Hall Public Law Research Paper No. 2298158
U of Maryland Legal Studies Research Paper No. 2013-43

Abstract:     
This white paper examines how cloud computing generates new privacy challenges for both healthcare providers and patients, and how American health privacy laws may be interpreted or amended to address these challenges. Given the current implementation of Meaningful Use rules for health information technology and the Omnibus HIPAA Rule in health care generally, the stage is now set for a distinctive law of “health information” to emerge. HIPAA has come of age of late, with more aggressive enforcement efforts targeting wayward healthcare providers and entities. Nevertheless, more needs to be done to assure that health privacy and all the values it is meant to protect are actually vindicated in an era of ever faster and more pervasive data transfer and analysis.

After describing how cloud computing is now used in healthcare, this white paper examines nascent and emerging cloud applications. Current regulation addresses many of these scenarios, but also leaves some important decision points ahead. Business associate agreements between cloud service providers and covered entities will need to address new risks. To meaningfully consent to new uses of protected health information, patients will need access to more sophisticated and granular methods of monitoring data collection, analysis, and use. Policymakers should be concerned not only about medical records, but also about medical reputations used to deny opportunities. In order to implement these and other recommendations, more funding for technical assistance for health privacy regulators is essential.

Number of Pages in PDF File: 56

Keywords: HIPAA, Omnibus HIPAA Rule, Cloud, Cloud computing, privacy, health privacy, health privacy laws, health information technology, health information law, HIPAA enforcement, health privacy regulation, covered entities, business associates, HIPAA subcontractors, HIPAA agency, medical reputations

working papers series


Download This Paper

Date posted: July 25, 2013  

Suggested Citation

Pasquale, Frank A. and Ragone, Tara Adams, The Future of HIPAA in the Cloud (June 30, 2013). Seton Hall Public Law Research Paper No. 2298158; U of Maryland Legal Studies Research Paper No. 2013-43. Available at SSRN: http://ssrn.com/abstract=2298158 or http://dx.doi.org/10.2139/ssrn.2298158

Contact Information

Frank A. Pasquale III
University of Maryland Francis King Carey School of Law ( email )
500 West Baltimore Street
Baltimore, MD 21201-1786
United States
410-706-4820 (Phone)
410-706-0407 (Fax)
Yale University - Yale Information Society Project ( email )
127 Wall Street
New Haven, CT 06511
United States
Tara Adams Ragone (Contact Author)
Seton Hall University School of Law, Center for Health & Pharmaceutical Law & Policy ( email )
One Newark Center
Newark, NJ 07102-5210
United States
973-642-8197 (Phone)
973-642-8799 (Fax)
HOME PAGE: http://law.shu.edu/Faculty/fulltime_faculty/Tara-Ragone.cfm
Feedback to SSRN


Paper statistics
Abstract Views: 513
Downloads: 102
Download Rank: 156,201

© 2014 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright   Contact Us
This page was processed by apollo8 in 0.281 seconds