Dr. David Lenihan has an OpEd on CPO that has me shaking my head “no.”
He writes, in part:
While one might think that U.S. doctors, pharmacies, hospitals, insurers, medical service providers, and healthcare/wellness facilities are the primary entities that could potentially leak, share, or exploit private patient data, the truth is that the most audacious HIPAA violations are being perpetrated every day by Facebook and Google.
Read more at CPO Magazine. Eventually, Dr. Lenihan acknowledges that big tech and the social media platforms are not covered by HIPAA. And while he may not be happy about that and want to see that change, calling Big Tech HIPAA violators is misleading and inaccurate. They are not violating a law that they are not covered by.
There are lots of reasons for Congress to impose more privacy protections on big tech. But Dr. Lenihan’s claims do not advance the conversation.