This week, the Privacy and Security Workgroup within the Health IT Policy Committee was tasked by the U.S. Department of Health and Human Services (“HHS”) to discuss certain patient data protections.  Specifically, they were asked to consider “updates or additional policies needed to address ethical privacy frameworks and research standards” in the context of health care organizations increasingly participating in data analytics projects.  HHS anticipates sharing the resulting conclusions and/or recommendations with the White House.

Health care organizations are more frequently participating in big data endeavors that pull and combine electronic health data from a number of different sources, such as electronic health records as well as research databases, with varying degrees of security requirements.  The combination of data from these different sources sometimes causes questions regarding data ownership and security obligations.  The White House hopes that recommendations from the Privacy and Security Workgroup may help to navigate this minefield of data ownership and data security issues.

The Privacy and Security Workgroup is set to meet twice during November.  We will post updates here as they become available.