PogoWasRight.org

Menu
  • About
  • Privacy
Menu

De-identified data exception in HIPAA poses a litigation risk

Posted on April 17, 2020June 24, 2025 by Dissent

Patricia S. Calhoun is a health care attorney with an interest in privacy issues with Carlton Fields, P.A., where Patricia M. Carreiro is a data privacy and cybersecurity litigation attorney. They have an opinion piece on Stat News this week. They write:

As money pours into health care startups built around artificial intelligence — more than 350 deals totaling $4 billion in 2019 — the field is generally overlooking the potential litigation risk surrounding the de-identified data exception in HIPAA.

The writers then focus on the  “de-identitifed” exception in HIPAA and suggest that given how much big data already exists, the idea that data really can’t be re-identified may be more of a pipe dream than anything else. So if data doesn’t fall under the “de-identified” exception to HIPAA, those developing new apps for tracking contacts, for example, need to consider whether they can be sued for failing to get patient authorization to disclose data.

Read more on Stat News.

 

 

Related posts:

  • “Out Of Control”: Dozens of Telehealth Startups Sent Sensitive Health Information to Big Tech Companies
Category: BreachesBusinessHealthcare

Post navigation

← Making COVID-19 Apps Data Protection Compliant
Penn State employee loses bid to revive email privacy lawsuit at 3rd Circuit →

Now more than ever

Search

Contact Me

Email: info@pogowasright.org

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

Categories

Recent Posts

  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure

RSS Recent Posts on DataBreaches.net

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
©2025 PogoWasRight.org. All rights reserved.
Menu
  • About
  • Privacy