Governments and technology companies are increasingly collecting vast amounts of personal data, prompting new laws, myriad investigations and calls for stricter regulation to protect individual privacy. Yet despite these issues, economics tells us that society needs more data sharing rather than less, because the benefits of publicly available data often outweigh the costs. Public access to sensitive health records sped up the development of lifesaving medical treatments like the messenger-RNA coronavirus vaccines produced by Moderna and Pfizer. Better economic data could vastly improve policy responses to the next crisis.

Virginia’s Senate on Friday passed the state’s privacy bill, now landing on the governor’s desk — the latest of several state privacy measures that seem to be advancing faster than Congress can move. We checked in last week with DelBene, whose home state of Washington recently resumed talks on its own privacy bill, to see how she’s thinking about the state-level action and what it means for the path forward on federal legislation. “I feel a great sense of urgency,” said DelBene, chair of the New Democrat Coalition.

Severe disasters – such as the 2021 Texas Winter Storm – impose additional challenges on health care providers. Often questions arise about the ability of entities covered by the HIPAA regulations to share individuals’ health information, including with friends and family, public health officials, and emergency personnel. As summarized in more detail below, the HIPAA Privacy Rule allows patient information to be shared to assist in disaster relief efforts, and to assist patients in receiving the care they need. In addition, while the HIPAA Privacy Rule is not suspended during a public health or other emergency, the Secretary of HHS may waive certain provisions of the Privacy Rule under section 1135(b)(7) of the Social Security Act.