Privacy group asks HHS to regulate the cloud

By John Pulley

December 21, 2012

An advocacy group that endorses giving patients control over sensitive health information is asking the Office of Civil Rights for the Department of Health and Human Services to issue guidelines for regulating cloud computing.

“Health providers will benefit from such guidance as they consider moving to cloud services and patients will benefit by knowing which data privacy and security protections should be in place – both will undoubtedly help increase trust and drive adoption,” wrote Dr. Deborah Peel, founder of the Austin, Texas-based Patient Privacy Rights, in a Dec. 19 letter.

The letter cited the case of Phoenix Cardiac Care, which was fined $100,000 by HHS in April for failing to protect the security of Internet-based personal health information.

The privacy group said guidance should include several criteria:

“To be clear, keeping information confidential and secure needs to be a top priority,” the letter said, “and more specific guidance in the health care ecosystem would help ensure that cloud providers, health care professionals and patients alike are aware of how the privacy and security rules apply to clouds.” 


By John Pulley

December 21, 2012

http://www.nextgov.com/health/health-it/2012/12/privacy-group-asks-hhs-regulate-cloud/60329/