United States | Publication | December 2023
Effective January 1, 2024, The Joint Commission announced that it will provide a new certification program, Responsible Use of Health Data, aimed at recognizing hospitals that appropriately utilize data beyond the clinical care setting. The certification will be available for hospitals in the United States.
Notably, the US Department of Health and Human Services (HHS) recently announced a concept paper, Healthcare Sector Cybersecurity. This paper provides an overview of HHS’s cybersecurity strategy within the healthcare realm. The Joint Commission’s new certification and HHS’s concept paper demonstrate the ongoing concerns related to cybersecurity threats and the importance of protecting patient data.
Specifically, The Joint Commission’s Certification is aimed at providing standards for the secondary use of health data. Primary use of health data refers to the use of health data related to an individual to provide healthcare to the individual from which the data was collected.
Secondary use of health data, on the other hand, refers to the use of aggregated health data for purposes beyond treatment of the individuals from which it was collected. Typically, the secondary use of health data is meant to improve healthcare, develop medical technology, monitor public health and contribute to research.
In connection with the new Certification, The Joint Commission noted that while “[n]early 85 percent of US hospitals have the capability to export their patient data for reporting and analysis purposes, according to the Office of the National Coordinator for Health Information Technology . . . there is no standard approach to use de-identified data nor to validate best use practices.”
The Certification will assist hospitals and patients in ensuring: (1) there is a clear procedure by which patients are notified of a hospital’s data sharing practices; (2) the data collected is used beyond the clinical setting for “the greater good” to improve healthcare; (3) proper framework to protect patient privacy when patient data is used for secondary purposes; and (4) the decrease of breaches and the promotion of privacy for patients.
According to The Joint Commission, the Responsible Use of Health Care Certification will target the following areas:
The Certification is meant to portray to patients and others that hospitals with the Certification have appropriate policies and procedures to protect patient data in connection with the secondary use of such data.
Hospitals interested in obtaining the Certification may begin preparing now, and The Joint Commission will accept applications starting January 1, 2024. Please do not hesitate to reach out to our team here at Norton Rose Fulbright for assistance with preparing for the Certification or submitting an application.
Publication
In this edition of Regulation Around the World we review recent steps that financial services regulatory authorities have taken as regards investment research.
Publication
Our Asia Competition Law facts sheets provide insights into the main competition law regimes across Asia, reflecting the experience and reach of our Asia competition team in an ever changing and increasingly complex competition law environment.
Publication
In the seventh in our series of briefings following the passing of the Energy Act 2023 (the Act) on 26 October 2023, our team at Norton Rose Fulbright look at the framework adopted under the Act to build an efficient, flexible, low carbon and low-cost electricity and gas systems and its potential implications.
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2023
