App developers seek clearer US health data privacy guidelines

App developers seek clearer US health data privacy guidelines

SAN FRANCISCO - Developers of apps for mobile devices are asking a US agency to clarify its rules for protecting patient health information to reflect the fast-evolving technology.

On Monday, a consortium of start-ups including CareSync, AirStrip and AngelMD, sent a letter to Pennsylvania Republican Representative Tom Marino, to express their frustration at the lack of developer-friendly online resources surrounding the privacy rules, known as HIPAA. Apps such as AirStrip are particularly concerned about security and privacy, as they provide data to doctors to help them make urgent care decisions.

In the letter viewed by Reuters, the developers said they are struggling to compete with larger vendors that have the resources to hire lawyers and consultants. They say they must rely on government websites, which have not been updated recently.

Regulators "have not kept pace with the rapid growth of technology that gives users greater access to healthcare providers and more control over their health information," the letter said.

This complaint comes at a time developers, lobbyists and policymakers are engaged in heated discussions about how to oversee the growing mobile health market. Earlier on Monday, representatives from various government agencies addressed how to manage health data at the annual Consumer Health IT Summit.

Morgan Reed, executive director of the App Association, a group that claims to represent 5,000 mobile app companies, said that start-ups and large tech companies alike, including Apple Inc and Samsung Electronics, are seeking clarity on how sensitive health data can be stored and shared.

The App Association was among those that signed the letter to Marino. Reed said some developers are relying on information that was last updated in 2006, months before the release of the iPhone and other mobile devices.

Developers also asked that the government provide better guidance about how health data can be stored in the cloud. In the letter, they request that the government provide a developer-friendly list of frequently asked questions and other documentation, and that the Department of Health and Human Services increase its participation in mobile health events.

Marino said he previously asked developers in the start-up community to provide a list of specific grievances with the Department of Health and Human Services, or HHS. "A company should not be forced to staff up with a dozen lawyers simply to ensure they are in compliance with the law,"he said.

"Rather, the burden should be on a transparent and responsive government to provide clarity and guidance, so companies can focus on growing their businesses and providing better and more innovative products and services to the public."

A spokesman for HHS said the agency has posted information online about security requirements for mobile health tools. (http://bit.ly/1qXpivW) "The goal is to make sure that health information, no matter what form, paper or electronic, is kept safe and secure," he said.

This website is best viewed using the latest versions of web browsers.