RESOURCES

The Confidentiality Coalition works closely with key legislators and regulators to ensure privacy-related policy protects people’s information and does not impede efforts to provide safe, high-quality, and coordinated healthcare.

Legislative

Currently, Congress continues to consider a new federal privacy law, several states have followed California’s lead and have introduced consumer privacy legislation that would impose new requirements on businesses to provide consumers with control of personal data and transparency of data practices.   Last year, the House Energy and Commerce Committee and the Senate Committee on Commerce, Science, and Transportation held hearings examining data privacy issues and key privacy principles for a federal privacy law including enforcement, corporate responsibility, and consumer rights.  Several House and Senate Committee’s and members of Congress have released draft national privacy legislation.

Regulatory

The White House has released a new cybersecurity strategy that includes five components to secure the full benefits of a safe, secure digital ecosystem for all Americans. The House Committee on Oversight and Accountability Subcommittee on Cybersecurity, Information Technology, and Government Innovation held a hearing on this new strategy. President Biden’s fiscal year 2024 budget includes increased funding for the Cybersecurity and Infrastructure Security Agency (CISA). The Administration for Strategic and Preparedness Response (ASPR) has released a cybersecurity framework and implementation guide. The Health and Human Services (HHS) Office for Civil Rights (OCR) is creating three new divisions to conduct better enforcement to protect health data and privacy. OCR shared two reports to Congress on steps taken by the office to investigate complaints, breach reports, and compliance reviews of potential Health Insurance Portability and Accountability Act (HIPAA) violations in 2021. The Federal Trade Commission (FTC) has requested more funding to step up its work on health privacy regulation and has made protecting online health data a priority of its enforcement agenda. The HHS Office of the National Coordinator (ONC) has released a long anticipated proposed rule implementing provisions of the 21st Century CURES Act on health data, technology, and interoperability (HTI-1) and the HHS OIG has issued its final rule on information blocking.