Get Full Government Meeting Transcripts, Videos, & Alerts Forever!
Committee hearing spotlights gaps in privacy and calls to expand HIPAA, bolster TEFCA and accountability for third parties
Summary
EHR vendors, academics and members of Congress warned that current privacy rules do not cover many apps and third parties that handle health‑related data, and urged lawmakers to extend protections or require higher standards for exchange networks.
Witnesses and members at a House health subcommittee hearing said existing privacy rules leave gaps when patient data flows outside traditional health‑care actors — and they urged Congress to close those gaps or require higher standards for exchange networks.
Jackie Gerhardt, a practicing family physician and chief medical officer at Epic, told the committee that "HIPAA only covers actors like health systems, insurers, and their contracted business associates such as Epic," and that patients can be confused about which apps and third parties are covered. She said that is one reason Epic supports TEFCA, the federally endorsed trust framework, because it requires participants to adhere to higher privacy standards.
Why it matters:…
Already have an account? Log in
Subscribe to keep reading
Unlock the rest of this article — and every article on Citizen Portal.
- Unlimited articles
- AI-powered breakdowns of topics, speakers, decisions, and budgets
- Instant alerts when your location has a new meeting
- Follow topics and more locations
- 1,000 AI Insights / month, plus AI Chat
