Kristen Rosati

Kristen Rosati Presents Tips for Transactions Involving Big Data and Genomics at the American Health Law Association

Academic medical centers and hospital systems are increasingly being approached to share huge volumes of clinical data, biospecimens, and genetic sequencing data with a variety of partners, including pharmaceutical companies, biotech companies, AI and machine-learning companies, and other collaborative research partners. In a presentation at the American Health Law Association Academic Medical Centers and Teaching Hospitals Institute and the Physicians and Hospitals Law Institute in Orlando, Kristen Rosati explained how to manage and share health clinical and genomic data in a way that complies with HIPAA and state privacy laws. As part of her presentation, Kristen delved into special considerations for genomic data, including de-identification of genomic data, and dealing with evolving state genetic privacy laws. She also discussed the importance of implementing a good data...

Read MoreRead More
Headshot of Mel Soliz

Mel Soliz Shares Insights on Data Access and Interoperability at Industry Events

A sought-after thought leader for nationwide events and webinars on health data access and interoperability, Mel Soliz recently spoke about information blocking, TEFCA and the 2021 Cures Act, while also taking time to help health law and clinical informatic students understand the career opportunities in the health data field. Mel’s most recent speaking engagements include: American Health Law Association (AHLA) Webinar Mel presented “To Boldly Go: Meeting Interoperability Requirements Under the 21st Century Cures Act” with her co-speakers before a virtual audience of more than 200 registrants. She covered the real life complexities faces by health care providers and payers in complying with the Information Blocking Rule and CMS interoperability mandates, as well as recent developments in health data interoperability policies, including the Trusted Exchange Framework and Common...

Read MoreRead More
Erin Dunlap

Erin Dunlap Explains What the American Data Privacy & Protection Act Would Mean for Businesses in AZ Big Media

While Congress is considering the American Data Privacy and Protection Act (ADPPA), which is a comprehensive federal data privacy bill, AZ Big Media turned to Erin Dunlap for insight into what businesses can expect if the act is signed into federal law. Erin noted current federal data privacy laws lack broad applicability to today’s digital data landscape. While a number of states have passed consumer data privacy laws, the ADPPA would create national standards for personal information collected by companies and grant individuals more control over the use and disclosure of their personal information. Because ADPPA would apply to many businesses whose data practices have not been regulated at the federal level (or at all) in the past, Erin discussed the need for companies to consider the...

Read MoreRead More
Kristen Rosati

Kristen Rosati Publishes Article on Strategies for Complying with Revised NIH Policies in Harvard Data Science Review

The National Institute of Health’s (NIH) revised Data Management and Sharing Policy requires a data sharing plan for all NIH-funded research, triggering compliance challenges amid quickly evolving federal, state, and international privacy standards.  In a special issue of Harvard Data Science Review, Kristen Rosati published an article on adopting strategies for long-term compliance in light of changing laws. In her article, Kristen recommended strategic, long-term data sharing solutions, including using HIPAA’s expert determination method to de-identify data to minimize potential future disconnects in data de-identification standards. Additionally, in light of concerns about whether de-identification of data is sufficient protection of privacy, and in the absence of a federal law prohibiting the re-identification of individuals in de-identified data sets, she recommends utilizing contractual controls on the use...

Read MoreRead More

Kristen Rosati Outlines Next Steps for Data Privacy Amid Roe v. Wade Reversal in STAT News

In the wake of the Supreme Court’s decision to overturn Roe v. Wade, many women now fear their confidential health records could be used to prosecute them for seeking an abortion in states where it is illegal. Kristen Rosati educated STAT News readers on how both businesses and individuals can protect medical privacy despite HIPAA’s outdated data policies. Kristen explained that HIPAA doesn’t cover many technologies that have emerged since its creation 26 years ago, including devices, apps and online searches that collect sensitive information. HIPAA also does not protect this data from being disclosed to law enforcement. Much of the responsibility to protect women from prosecution, then, will fall on individual companies. For example, she noted, apps could allow users to immediately delete their data,...

Read MoreRead More

Scott Bennett Educates Healthcare Risk Management Readers on Importance of Timely Access Request Responses for HIPAA Compliance

Following the Office for Civil Rights’ (OCR) report to Congress that revealed a 61% increase in HIPAA breaches affecting more than 500 people in 2020, Healthcare Risk Management turned to Scott Bennett for specific actions healthcare organizations should take to avoid complaints surrounding patient access and disclosure requests. Scott encouraged healthcare providers to continuously educate their personnel on the unique requirements and differences between the two types of requests and suggested supplying them with actionable guidance documents to use between trainings. Ensuring every access request is logged and receives a response within 30 days, as HIPAA mandates, will prevent OCR enforcement actions. Scott also recommended healthcare entities conduct a wide-scale security assessment that extends to every piece of hardware and software that touches electronic PHI. A leading...

Read MoreRead More