What Do Self-Driving Cars and Your Heart Monitor Have in Common? The Same Questions About Cybersecurity

Arent Fox partner Sarah Bruno recently published a very interesting alert on new privacy and cybersecurity challenges facing the automotive industry in the age of autonomous vehicles, syncing software, and wearable devices that interact with your vehicle. What does this have to do with the health care industry, you ask? Both the automotive industry and the health care industry are among the largest in the United States. And both industries are the focus of rapid technology development that raise similar, complicated questions about data privacy and security, especially as those technologies increasingly interact with each other.

For example, one company may be providing you a wearable, and another will be the manufacturer of the vehicle that syncs with it, and a third may be using the data to provide you with coupons for stores that are in close proximity to your car. The same wearable may also sync with your personal health record, which likewise interfaces with your heart monitor and your electronic medical record from the hospital. And so on.

As technologies in all facets of your life become more and more interconnected, complicated issues arise about data collection and sharing, and especially cybersecurity. Health information you have downloaded or synced to the wearable may not be protected by HIPAA (unless the wearable company is a covered entity or business associate), so the HIPAA restrictions on the sale and sharing of your health information for marketing purposes will not apply (although the company will still have to consider other obligations for notice, choice and consent, as applicable).

Even more worrisome, in our blog post last year we highlighted the susceptibility of medical devices to hacking. With the possible interconnection of healthcare technology with other technologies – like automotive technology – the hacking of one device could yield a wealth of information to the Bad Guys. For example, if the wearable we describe above gets hacked, the Bad Guys not only might know that you just got a new prescription for high cholesterol, they also may learn that you still drive to the donut shop every Saturday morning! Because hospitals and other health care providers are a common gateway for hackers, they will need to be more vigilant than ever, as their technology could open the door to the appropriation of other data.

As these technologies develop, unanswered privacy and security questions will push US regulators to revisit the breadth and depth of our current privacy and data security laws.

Register now for your free, tailored, daily legal newsfeed service.

What Do Self-Driving Cars and Your Heart Monitor Have in Common? The Same Questions About Cybersecurity
Blog Health Care Counsel

Filed under

Topics

Laws

Popular articles from this firm

Kelsey Grammer, producers of BET’s “The Game” flagged for alleged copyright infringement *

OIG issues favorable Advisory Opinion to pharmaceutical manufacturer related to a free starter or bridge program *

Fried chicken chain may be strong-armed out of trademark rights in the “Popeyes” name *

Who’s laughing now?: “Party Rock Anthem” artist LMFAO loses parody defense in copyright row with rapper Rick Ross *

ITAR dual national and third-country national rule provides new flexibility for foreign companies *

More from Health Care Counsel

In a Case of First Impression, OSHRC Holds that Incidents of Workplace Violence Are Citable Under the OSH Act’s General Duty Clause

Hospitals Win Permanent Injunction Against Lowered Medicare Reimbursement Rates for 340B Drugs; Remedies to be Determined

New Year Reset: The ACA's Status After a Pre-Christmas Surprise

California Wildfires: What Emergency Declarations Mean For Health Care Providers

Is It Reportable? HRSA Updates NPDB Guidebook for the First Time in Three Years

Related practical resources PRO

Related research hubs