Security News > 2021 > July > How health tech can secure patient data post-CURES Act
The central promise of the CURES Act is its information blocking ban, which prohibits health information providers from restricting patients' access to their EHRs.
Health information providers may be required to send patients their data when they request it, but the CURES Act isn't the only law on their minds.
Specifically, health tech companies can focus on the following standards to show EHR providers and patients that their data remains secure, even as these records become more readily accessible.
HIPAA strictly regulates who can access patient data, meaning health tech companies would do well to review any existing BYOD policies.
These health tech apps can set a standard for heightened security from the start, both to ensure only the patient has access to data, and to convey the seriousness with which patients should approach using these apps.
Patients will gain access to the EHRs via health tech apps, but what information can they get from the apps themselves? Information about what data is being collected and for what purpose can be coupled with clear guidelines for gaining more specific information about the app's own user data file.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/Y0jpJBCdmIg/