Challenges of 'Unique' Care Delivery During COVID-19Privacy Expert Deven McGraw on Emerging Privacy, Security Concerns
The COVID-19 crisis is presenting an array of new privacy and security challenges for healthcare providers adapting to protecting patient's medical information in new care settings, says privacy attorney Deven McGraw, chief regulatory officer of Ciitizen, a consumer health technology startup.
The coronavirus outbreak has forced healthcare entities to be "creative and flexible" in how they deliver care, such as via telehealth as well as testing facilities set up in parking lots. And that's creating new privacy and security hurdles, she says in a video interview with Information Security Media Group.
In the interview, McGraw also discusses:
- The Department of Health and Human Services' Office for Civil Rights' recently issued waivers for certain HIPAA provisions and notices of enforcement discretion during the COVID-19 public health emergency;
- Privacy concerns involving contact-tracing applications;
- Progress made by healthcare entities complying with the HIPAA "right to access" provision, which gives patients the ability to obtain copies of their health information;
- The potential healthcare "silver lining" once the COVID-19 crisis subsides.
McGraw is the chief regulatory officer at Ciitizen, a consumer health technology startup. Previously, McGraw directed U.S. health privacy and security as deputy director of health information privacy at HHS OCR and acting chief privacy officer of the Office of the National Coordinator for Health IT. Prior to that, she managed the Health Privacy Project at the Center for Democracy & Technology and led the privacy and security policy work for the HITECH Health IT Policy Committee.