HIMSS calls for Congress to Adopt Comprehensive Privacy Law, Framework for AI Implementation in Healthcare

HIMSS, a global advocate for digital health transformation, called for the United States Congress to adopt a robust, comprehensive health privacy law that is universally implementable and applicable to all entities that access protected health information regardless of site or platform.

The call to action, included in a HIMSS response to a request for comment from the Committee on Health, Education, Labor, and Pensions (HELP) minority leader Senator Bill Cassidy, indicates that the United States “needs a robust, comprehensive privacy law that is universally implementable, applicable to all entities that access protected health information regardless of site or platform and offers the flexibility that may be required to deliver appropriate care to an individual.”

The HIMSS letter notes that the rapidly changing health ecosystem, which includes websites, applications and other direct-to-consumer health technologies, has created new risks to protected health information.

The call to action indicates that any actor who has the capability of accessing protected health information should have the same level of privacy protection and breach notification responsibilities as HIPAA-covered entities.

HIMSS indicated that these protections and responsibilities are critical to establishing seamless, secure, ubiquitous and nationwide data access and interoperable health information exchange to transform the health ecosystem and promote health innovation at the institutional and personal level.

In addition to a call to action on privacy, HIMSS offered recommendations in response to Exploring Congress’ Framework for the Future of AI, a whitepaper published by the Committee on Health Education Labor and Pensions about the oversight and legislative role of Congress over the integration of artificial intelligence in the healthcare sector.

HIMSS emphasized that “artificial intelligence” can’t be an overarching catch-all terminology for legislative and regulatory oversight, noting differences in the types and functions of AI and machine learning applications and differences in the types of data used to feed the models.

In the AI whitepaper response, HIMSS called on Congress to encourage the healthcare community to adopt consensus-based based practices, standards and guidelines for the types of resource information and best practices for revalidation of the models, training and technical support commercial developers of AI models should share with the end-users of their solutions.