Current Health Data Landscape
While the use and disclosure of certain health-related data is regulated by the Health Insurance Portability and Accountability Act (HIPAA), data collected and used by makers of wearable devices, health and wellness apps, online services, and the Internet of Things is not covered by HIPAA. As a result, momentum for federal action covering non-HIPAA health data is building.
American Data Privacy and Protection ActIntroduced in June 2022, the ADPPA would give consumers more control over their personal data across the board.
Health Breach Notification RuleThe FTC requires companies not covered by HIPAA to notify customers of a breach of unsecured, individually identifiable health information.
As the call to action to protect consumer health information grows louder, companies who collect and use health-related data not covered under HIPAA have an opportunity to take proactive steps to get ahead of regulation and meet the privacy needs of their customers.
New Independent Accountability Program
For more than 50 years, BBB National Programs has embraced its neutral role in the execution of more than a dozen independent industry self-regulation, accountability, and dispute resolution programs.
This program will:
- Gather input from select business leaders on the front lines of non-HIPAA consumer health data management.
- Leverage a COPPA Safe Harbor model, where participating companies receive a certification seal for their product, demonstrating compliance with established privacy standards.
- Provide ongoing support to participants as their new products and services are offered to consumers.
- Ensure participants’ certified products and services are compliant with state and federal data privacy requirements.
- Help consumers find the products and services they can trust.
No matter the size of your business, protecting data privacy should be a priority and is a key component of maintaining customer trust.
The certification process includes a comprehensive verification and readiness assessment for your product as well as ongoing monitoring and support from the BBB National Programs privacy team. As a participant, your certification seal will demonstrate to customers that your product or service complies with the stringent requirements of the program.
- Evaluate your products’ data collection practices for compliance
- Vet your advertising data collection practices, including first- and third-party trackers
- Review your privacy policies, terms, and notices to ensure necessary requirements are met
- Clear instructions and recommendations on next steps
- Developer checklists to help facilitate privacy by design
- Personalized consultations to discuss existing and emerging privacy laws
- Regular monitoring and real-time alerts to ensure you remain in compliance
- Confidence that your products are fully compliant with established standards
- Hands-on support when privacy laws, regulations, practices, and guidelines change
- Ongoing privacy counseling with a fast turnaround time and sensitivity to your deadlines
- Complimentary educational opportunities and custom privacy trainings