How to Protect Employee Privacy in the Era of Big Data
While the Health Insurance Portability and Accountability Act (HIPAA) was adopted into law over twenty years ago, changes in the environment of healthcare and health insurance continue to bring questions to the forefront for patients and organizations. Big data availability combined with the imminent need to control healthcare costs can influence organizations to consider collecting, evaluating, and tracking their employees’ health information. Despite this push, employers must be diligent in considering which information is collected and which technologies are implemented in order to protect their employees and to abide by HIPAA laws and regulations.
While covered entities such as health plans, healthcare providers, and healthcare clearinghouses are required to follow HIPAA’s privacy rule, some companies are not subject to the same regulation. For example, companies that provide wearable technologies, offer genetic testing or genetic data management, analyze big data, or sell other healthcare-related solutions may not be considered HIPAA-covered entities by definition.
Additionally, for small employers who may want to become more involved in managing the healthcare costs of their employees through health and wellness programs, several questions can arise when determining which companies to work with and how employee data will be handled. If the health and wellness company is considered a HIPAA-covered entity, how will data be secured and encrypted? How will employees be informed of the methods by which their personal health information (PHI) is being utilized? How will the company ensure that employee data is not being released to any third-party entities?
In an era where the health information of patients and employees becomes increasingly accessible, employers must do their due diligence in protecting the privacy and confidentiality of such information. Should these safeguards not clearly be in place, employees may lose their trust in the organization. Additionally, if such concerns become public, recruitment efforts will undoubtedly become more difficult.