Code on computer.

Rise in Hospital Ransomware Attacks Requires Government Intervention

By Jenna Becker

Last week, widespread ransomware attacks against hospital systems forced several hospitals to go offline. 

Despite the growing risk of cyberattacks against hospitals, the health care industry has been left to address this issue on their own. Ransomware attacks, named for the fee that these malicious viruses attempt to extract, can be very challenging to address, involving complex cybersecurity protocols.

Unfortunately, many hospitals lack the resources and the time required to prevent this malware from spreading. The government has provided minimal resources to hospital systems looking to enhance their cybersecurity. Resource-strapped hospitals require significant government support to address the growing threat of ransomware.

Read More

computer and stethoscope

How Telehealth Could Improve — or Worsen — Racial Disparities

By Craig Konnoth, JD, M.Phil., Wendy Netter Epstein, JD, and Max Helveston, JD

Despite upping the stakes of America’s partisan divide, the pandemic has prompted bipartisan support for at least one cause — the rapid rollout of telehealth, which allows people to see their doctors by videoconference or telephone.

In last week’s executive order, the Trump Administration reaffirmed its commitment to the use of telehealth. While telehealth may be, in many ways, a panacea for access to healthcare, particularly in COVID times, we should be concerned that patients of color may be left behind.

Read More

Medicine doctor and stethoscope in hand touching icon medical network connection with modern virtual screen interface, medical technology network concept

Insufficient Protections for Health Data Privacy: Lessons from Dinerstein v. Google

By Jenna Becker

A data privacy lawsuit against the University of Chicago Medical Center and Google was recently dismissed, demonstrating the difficulty of pursuing claims against hospitals that share patient data with tech companies.

Patient data sharing between health systems and large software companies is becoming increasingly common as these organizations chase the potential of artificial intelligence and machine learning in healthcare. However, many tech firms also own troves of consumer data, and these companies may be able to match up “de-identified” patient records with a patient’s identity.

Scholars, privacy advocates, and lawmakers have argued that HIPAA is inadequate in the current landscape. Dinerstein v. Google is a clear reminder that both HIPAA and contract law are insufficient for handling these types of privacy violations. Patients are left seemingly defenseless against their most personal information being shared without their meaningful consent.

Read More

stethoscope on computer keyboard

How Traditional Health Records Bolster Structural Racism

By Adrian Gropper, MD

As the U.S. reckons with centuries of structural racism, an important step toward making health care more equitable will require transferring control of health records to patients and patient groups.

The Black Lives Matter movement calls upon us to review racism in all aspects of social policy, from law enforcement to health. Statistics show that Black Americans are at higher risk of dying from COVID-19. The reasons for these disparities are not entirely clear. Every obstacle to data collection makes it that much harder to find a rational solution, thereby increasing the death toll.

Read More

A frustrated woman sits at her desk, staring at her computer. Her head is resting in her hand

Patient-Directed Uses vs. The Platform

By Adrian Gropper, MD

This post originally appeared on The Health Care Blog.

This piece is part of the series “The Health Data Goldilocks Dilemma: Sharing? Privacy? Both?” which explores whether it’s possible to advance interoperability while maintaining privacy. Check out other pieces in the series here.

It’s 2023. Alice, a patient at Ascension Seton Medical Center Austin, decides to get a second opinion at Mayo Clinic. She’s heard great things about Mayo’s collaboration with Google that everyone calls “The Platform”. Alice is worried, and hoping Mayo’s version of Dr. Google says something more than Ascension’s version of Dr. Google. Is her Ascension doctor also using The Platform?

Alice makes an appointment in the breast cancer practice using the Mayo patient portal. Mayo asks permission to access her health records. Alice is offered two choices, one uses HIPAA without her consent and the other is under her control. Her choice is: Read More

DNA sequence

How the Internet and The Mapping of the Human Genome Disrupted the Teaching of Health Law: Does The 21st Century Really Change Everything?

This piece was part of a symposium featuring commentary from participants in the Center for Health Policy and Law’s annual conference, Promises and Perils of Emerging Health Innovations, held on April 11-12, 2019 at Northeastern University School of Law. The symposium was originally posted through the Northeastern University Law Review Online Forum.

Promises and Perils of Emerging Health Innovations Blog Symposium

We are pleased to present this symposium featuring commentary from participants in the Center for Health Policy and Law’s annual conference, Promises and Perils of Emerging Health Innovations, held on April 11-12, 2019 at Northeastern University School of Law. As a note, additional detailed analyses of issues discussed during the conference will be published in the forthcoming issue of the Northeastern University Law Review.

Throughout the two-day conference, speakers and attendees discussed how innovations, including artificial intelligence, robotics, mobile technology, gene therapies, pharmaceuticals, big data analytics, tele- and virtual health care delivery, and new models of delivery, such as accountable care organizations (ACOs), retail clinics, and medical-legal partnerships (MLPs), have entered and changed the healthcare market. More dramatic innovations and market disruptions are likely in the years to come. These new technologies and market disruptions offer immense promise to advance health care quality and efficiency, as well as improve provider and patient engagement. Success will depend, however, on careful consideration of potential perils and well-planned interventions to ensure new methods ultimately further, rather than diminish, the health of patients, especially those who are the most vulnerable.

In her post for the Promises and Perils of Emerging Health Innovations blog symposium, Jennifer S. Bard addresses many of the negative impacts of new health technologies, particularly as they apply to patient privacy. Bard points to special concerns in how we use health information related to DNA, mental health, and chronic illness. Throughout her piece, Bard also highlights the fact that law has not caught up to changes in technology and privacy issues, which causes more concern about how society and the healthcare system use these innovations.

How the Internet and The Mapping of the Human Genome Disrupted the Teaching of Health Law: Does The 21st Century Really Change Everything?

By Jennifer S. Bard

Read More

Illustration of a person running away carrying "stolen" 1's and 0's

Measuring Health Privacy – Part II

This piece was part of a symposium featuring commentary from participants in the Center for Health Policy and Law’s annual conference, Promises and Perils of Emerging Health Innovations, held on April 11-12, 2019 at Northeastern University School of Law. The symposium was originally posted through the Northeastern University Law Review Online Forum.

Promises and Perils of Emerging Health Innovations Blog Symposium

We are pleased to present this symposium featuring commentary from participants in the Center for Health Policy and Law’s annual conference, Promises and Perils of Emerging Health Innovations, held on April 11-12, 2019 at Northeastern University School of Law. As a note, additional detailed analyses of issues discussed during the conference will be published in the 2021 Winter Issue of the Northeastern University Law Review.

Throughout the two-day conference, speakers and attendees discussed how innovations, including artificial intelligence, robotics, mobile technology, gene therapies, pharmaceuticals, big data analytics, tele- and virtual health care delivery, and new models of delivery, such as accountable care organizations (ACOs), retail clinics, and medical-legal partnerships (MLPs), have entered and changed the healthcare market. More dramatic innovations and market disruptions are likely in the years to come. These new technologies and market disruptions offer immense promise to advance health care quality and efficiency, as well as improve provider and patient engagement. Success will depend, however, on careful consideration of potential perils and well-planned interventions to ensure new methods ultimately further, rather than diminish, the health of patients, especially those who are the most vulnerable.

In this two-part post for the Promises and Perils of Emerging Health Innovations blog symposium Ignacio Cofone engages in a discussion centered on the importance of addressing patients’ concerns when introducing new health technologies. While privacy risks may not always be avoided altogether, Cofone posits that privacy risks (and their potential costs) should be weighed against any and all health benefits innovative technology and treatments may have. To do so, Cofone introduces the concept of using health economics and a Quality-Adjusted Life Year (QALY) framework as a way to evaluate the weight and significance of the costs and benefits related to health technologies that may raise patient privacy concerns.

Measuring Health Privacy – Part II

By Ignacio N. Cofone

Read More

Illustration of cascading 1's and 0's, blue text on a black background

Measuring Health Privacy – Part I

This piece was part of a symposium featuring commentary from participants in the Center for Health Policy and Law’s annual conference, Promises and Perils of Emerging Health Innovations, held on April 11-12, 2019 at Northeastern University School of Law. The symposium was originally posted through the Northeastern University Law Review Online Forum.

Promises and Perils of Emerging Health Innovations Blog Symposium

We are pleased to present this symposium featuring commentary from participants in the Center for Health Policy and Law’s annual conference, Promises and Perils of Emerging Health Innovations, held on April 11-12, 2019 at Northeastern University School of Law. As a note, additional detailed analyses of issues discussed during the conference will be published in the 2021 Winter Issue of the Northeastern University Law Review.

Throughout the two-day conference, speakers and attendees discussed how innovations, including artificial intelligence, robotics, mobile technology, gene therapies, pharmaceuticals, big data analytics, tele- and virtual health care delivery, and new models of delivery, such as accountable care organizations (ACOs), retail clinics, and medical-legal partnerships (MLPs), have entered and changed the healthcare market. More dramatic innovations and market disruptions are likely in the years to come. These new technologies and market disruptions offer immense promise to advance health care quality and efficiency, and improve provider and patient engagement. Success will depend, however, on careful consideration of potential perils and well-planned interventions to ensure new methods ultimately further, rather than diminish, the health of patients, especially those who are the most vulnerable.

In this two-part post for the Promises and Perils of Emerging Health Innovations blog symposium, Ignacio Cofone engages in a discussion centered on the importance of addressing patients’ concerns when introducing new health technologies. While privacy risks may not always be avoided altogether, Cofone posits that privacy risks (and their potential costs) should be weighed against all health benefits innovative technology and treatments may have. To do so, Cofone introduces the concept of using health economics and a Quality-Adjusted Life Year (QALY) framework to evaluate the weight and significance of the costs and benefits related to health technologies that may raise patient privacy concerns.

Measuring Health Privacy – Part I

Read More

Doctor types on a laptop

A Delicate Balance: Proposed Regulations May Upset the Tension between Accessibility and Privacy of Health Information

This piece was part of a symposium featuring commentary from participants in the Center for Health Policy and Law’s annual conference, Promises and Perils of Emerging Health Innovations, held on April 11-12, 2019 at Northeastern University School of Law. The symposium was originally posted through the Northeastern University Law Review Online Forum.

Promises and Perils of Emerging Health Innovations Blog Symposium

We are pleased to present this symposium featuring commentary from participants in the Center for Health Policy and Law’s annual conference, Promises and Perils of Emerging Health Innovations, held on April 11-12, 2019 at Northeastern University School of Law. Throughout the two-day conference, speakers and attendees discussed how innovations, including artificial intelligence, robotics, mobile technology, gene therapies, pharmaceuticals, big data analytics, tele- and virtual health care delivery, and new models of delivery, such as accountable care organizations (ACOs), retail clinics, and medical-legal partnerships (MLPs), have entered and changed the healthcare market. More dramatic innovations and market disruptions are likely in the years to come. These new technologies and market disruptions offer immense promise to advance health care quality and efficiency, and improve provider and patient engagement. Success will depend, however, on careful consideration of potential perils and well-planned interventions to ensure new methods ultimately further, rather than diminish, the health of patients, especially those who are the most vulnerable.

In his piece for the Promises and Perils of Emerging Health Innovations blog symposium, Oliver Kim emphasizes the important role trust plays in the provider-patient relationship. Kim unpacks the challenges that come with the introduction and incorporation of new health technology, and further cautions against the potential for erosion of trust when introducing third-parties into the relationship.

A Delicate Balance: Proposed Regulations May Upset the Tension between Accessibility and Privacy of Health Information

Read More

Illustration of a street lined with houses

Genetic Discrimination in Housing and Lending: What’s the Risk?

By Kaitlyn Dowling, based on research by the Cyberlaw Clinic at the Berkman Klein Center for Internet & Society

Illustration of a gavel made out of a DNA helixIn a year-long series on Bill of Health, we’ll be exploring the legal scholarship on genetic non-discrimination. We’ll talk more about GINA and state laws protecting citizens from genetic discrimination. We hope these posts help shed light on this complex and ever-more-relevant area for legal scholars, policymakers, and the public at large. Read the previous posts in the series.

Nondiscrimination in Housing and Lending

Most states regulate the use of genetic information in some way, but protections are typically limited to employment and insurance. To most people, those two areas of protection seem obvious: it’s easy to see why your health insurer would want to know if you’re likely to become expensive to cover. Likewise, you can also understand why potential employers would want to know if they’re about to hire a worker who’s likely to need significant time off to attend to health issues. Only a select number of states ban genetic information discrimination in other contexts, like education, disability insurance, and life insurance.

Read More