ACTIVITY

State of Play:¬† Congress continues to examine the need for national privacy legislation. Both Democrats and Republicans have introduced legislation instituting a national privacy framework, but legislation is not expected to pass in this Congress. In light of the Colonial Pipeline cyber-attack, the House and Senate have both introduced legislation requiring entities that experience cyber attacks to report to the Cybersecurity and Infrastructure Security Agency (CISA) within a limited amount of time. The Biden Administration has also taken a more active role in privacy and security actions. The Federal Trade Commission (FTC) has signaled interest in pursuing privacy regulations without congressional legislation and the Department of Justice (DOJ) has announced that it will use the False Claims Act to prosecute entities who fail to implement proper cybersecurity protections. businesses who are the victim of cybersecurity breaches to file a report to the Cybersecurity and Infrastructure Security Agency (CISA). Congress is also debating provisions in the Build Back Better Act that would provide $1B to the Federal Trade Commission (FTC) to establish a new privacy bureau. Several major cities have required the use of ‘vaccine passports’ in order to visit certain indoor businesses.

2022

May

  • On May 12, the Confidentiality Coalition sent a letter to the Senate Health, Education, Labor and Pensions (HELP) Committee for their hearing on, “Cybersecurity in the Health and Education Sectors.”
  • On May 5, the Confidentiality Coalition submitted comments to the Securites and Exchange Commission (SEC) on their proposed rule on cybersecurity incident reporting.

April

  • On April 25, the Confidentiality Coalition submitted comments to the National Institute of Standards and Technology (NIST) on their request for information on revisions to the NIST Cybersecurity Framework.

March

  • On March 24, Jeff Rothblum with the Senate Homeland Security and Governmental Affairs Committee (HSGAC) gave a presentation to the Confidentiality Coalition on legislative activity to strengthen cybersecurity infrastructure.
  • On March 24, the Confidentiality Coalition and the Workgroup for Electronic Data Interchange wrote the Department of Health and Human Services (HHS) and the Department of Commerce encouraging the protection of patient data collected via third-party applications.
  • On March 11, the Confidentiality Coalition submitted comments to the Federal Trade Commission (FTC) and the Department of Justice (DOJ) information on their request for information on merger enforcement.

February

  • On February 17, the Confidentiality Coalition hosted a presentation and discussion on proposals to impose civil monetary penalties (CMPs) for violations of the HIPAA Privacy Rule.

January

  • On January 20, Rob Tennant Vice President for Federal Affairs with the Workgroup for Electronic Data Interchange (WEDI) gave a presentation to the Confidentiality Coalition on legislative and regulatory advocacy on privacy for 2022.
2021

November

  • On November 18, John Rancourt, Director for the Interoperability Division with the Office of the National Coordinator for Health Information Technology (ONC) at the Departemnt of Health and Human Services (HHS) gave a presentation to the Confidentiality Coalition on the Trusted Exchange Framework and Common Agreement (TEFCA).

October

  • On October 26, the Confidentiality Coalition submitted comments to The Sequoia Project on the Common Agreement component of TEFCA.
  • On October 21, Jordan LaCrosse and Amy Terjal with Avenue Solutions gave a presentation to the Confidentiality Coalition on legislative developments on privacy and security.
  • On October 5, the Confidentiality Coalition sent a letter to the Senate Committee on Commerce, Science, & Technology for their hearing on “Enhancing Data Security.”

September

  • On September 30, Confidentiality Coalition Chair Tina Grande presented at the Privacy + Security Forum on, “Revisions to the HIPAA Privacy Rule.”
  • On September 28, the Confidentiality Coalition sent a letter to the Senate Committee on Commerce, Science, & Technology for their hearing on, “Protecting Consumer Privacy.”
  • On September 16, Alicia Bowers,¬† Enterprise Chief Privacy and Compliance Officer and Todd Greene, Enterprise Chief Information Security Officer for Atrium Health gave a presentation to the Confidentiality Coalition on privacy and security compliance challenges in the healthcare sector.

July

  • On July 27, the Confidentiality Coalition submitted comments to the National Committee on Vital and Health Statistics (NCVHS) Subcommittee on Standards on their request for comments for their August listening session.
  • On July 27, the Confidentiality Coalition sent a letter to the House Committee on Energy and Commerce Subcommittee on Consumer Protection & Commerce for their hearing on, “Transforming the FTC: Legislation to Modernize Consumer Protection.”
  • On July 15, Greg Garcia with the Healthcare and Public Health Sector Coordinating Council (HSCC) gave a presentation to the Confidentiality Coalition on cybersecurity challenges in the healthcare sector.

June

  • On June 17, Mark Kazmierczak and Ryan Ritterson with Gryphon Scientific gave a presentation to the Confidentiality Coalition on regulation of health data in China.

May

  • On May 26, the Healthcare Leadership Council and the Confidentiality Coalition held a joint webinar on, “HIPAA: Privacy, Security and New Challenges, Oh My!” Panelists included representatives from AdvaMed, Mayo Clinic and Merck KGaA, Darmstadt, Germany.
  • On May 6, the Confidentiality Coalition submitted comments to the Office of Civil Rights (OCR) on the proposed rule to make revisions to the HIPAA Privacy Rule to reduce barriers to coordinated care.
  • On May 5, the Confidentiality Coalition sent a letter to the House Committee on Homeland Security Subcommittee on Cybersecurity, Infrasturcture, & Innovation for their hearing on, “Responding to Ransomware: Exploring Policy Solutions to a Cybersecurity Crisis.”

April

  • On April 15, Thomas Millar and Beau Woods with the Cybersecurity and Infrastructure Security Agency (CISA) gave a presentation to the Confidentiality Coalition on how CISA is working with stakeholders to respond to cybersecurity threats during the COVID-19 pandemic.

March

  • On March 18, Elisa Jillson, Counsel to the Director of the Bureau of Consumer Protection, with the Federal Trade Commission (FTC) gave a presentation to the Confidentiality Coalition on the FTC’s regulatory outlook for 2021.

February

  • On February 19, Amy Terjal with Avenue Solutions gave a presentation to the Confidentiality Coalition on potential privacy legislation in the 117th Congress.

January

  • On January 7, the Confidentiality Coalition held a walkthrough of OCR’s proposed changes to the HIPAA Privacy Rule.
  • On January 4, the Confidentiality Coalition submitted¬†comments to the Centers for Medicare and Medicaid Services (CMS) on their proposed rule on provider burden and promoting interoperability.