Tag Archives: ftc

Attention mHealth, HIT and Telemedicine App Developers: Privacy and Security By Design Is Critical

Mobile health (“mHealth”) medical app developers, including health information technology (“HIT”) and telemedicine app developers, tend to focus on FDA requirements. Indeed since many of these apps may be categorized as medical devices, and the FDA approval process is lengthy, developers are wise to focus on whether an app is regulated by the FDA. But a successful developer should also build privacy protections (e.g., privacy policies) and security protections (e.g., disaster recovery) into its product from the earliest stages. The Federal Trade Commission (“FTC”) calls this “Privacy By Design.” “Security By Design” is the corollary. Continue reading Attention mHealth, HIT and Telemedicine App Developers: Privacy and Security By Design Is Critical

Warning: If You Handle Protected Health Information (PHI) or Personally Identifiable Information (PII), Buy Data Breach and Security Incident Insurance!

We live in the data age where every day a new technology is announced in business- and consumer-oriented ecommerce and mobile health (mhealth). In response, in recent years, federal and state legislators have enacted strict data privacy and security laws, such as HIPAA, COPPA, and Gramm-Leach-Bliley, to protect data whether in electronic (IT) or physical form. This data is known as protected health information under HIPAA and personally identifiable information under other statutes. New federal and state laws also mandate comprehensive data breach responses, including notifications to individuals whose PHI or PII was breached and some agencies and state attorneys general. The shared premise behind these laws is that the public expects the highest standard of data protection from businesses and government. (Whether or not this is true – after all we regularly give our credit card numbers to anonymous persons over the phone – is a subject for another day…)

Continue reading Warning: If You Handle Protected Health Information (PHI) or Personally Identifiable Information (PII), Buy Data Breach and Security Incident Insurance!