While health information is protected in doctors’ offices, hospitals and other healthcare institutions, that simply isn’t the case in the online world. The Department of Health and Human Services warns that HIPAA privacy regulations do not apply to information you reveal on social media, in emails and web searches or when using health apps. The unfortunate fact is that information you provide when using these applications is fair game, often being gathered by data aggregators for sale to insurers, employers and others.
Another problem is that the privacy policies included by websites contain pages of small print and are seldom read. Too many people just assume their information is protected, click “accept” and move on. In 2014, the State of California adopted a law that extends HIPAA-like protection to online medical information, requiring medical apps to meet the same standards of confidentiality required by healthcare providers. Many believe that with more and more medical information moving online, it’s time for other states to follow.