Mobile Privacy

Subscribe to Mobile Privacy via RSS

As physicians, nurses, therapists and health care providers continue to utilize new smart phones, tablets, and laptops in caring for patients, the Department of Health and Human Services (“HHS”) has responded with educational videos, worksheets and guidance to help health care providers  create a “culture of compliance and awareness” and to protect patients’ Protected Health Information (“PHI”).  While the material is focused on health care professionals, the information is also applicable to group health plan professionals and their business associates who use mobile devices to store and transmit PHI in connection with administration of group health plans.

As health care providers, patients, family members, friends, and disaster relief agencies such as the American Red Cross continue to grapple with the aftermath of Hurricane Sandy it is important to be mindful of privacy regulations and to prepare in advance for the next emergency. The Health Insurance Portability and Accountability Act  of 1996 (“HIPAA” or “Privacy Rule”) protects individually identifiable health information held by “covered entities.” The information protected is referred to as protected health information or PHI. The Privacy Rule permits covered entities to disclose PHI for a variety of purposes including to (a) treat patients; (b) identify, locate and notify family members, guardians, or anyone else responsible for an individual’s care; (c) obtain the services of disaster relief agencies; (d) conduct public health activities; and (e) prevent or lessen serious and imminent threats to health or safety.

In March of this year, Taco Bell Corp. joined the ranks of companies that have been sued under the Telephone Consumer Protection Act ("TCPA"), not for sending an unsolicited text message to a consumer in the first instance, but for sending a confirmatory message when a consumer chose to opt out of receiving future messages. Recently, the federal district court in Ibey v. Taco Bell Corp., 12-cv-0583 (HVG) (S.D. Cal. June 18, 2012) concluded “that the TCPA does not impose liability for a single, confirmatory text message.”

A month after the Mobile Marketing Association released its Mobile Application Privacy Policy Framework (which we blogged about here), the GSM Association (GSMA) announced the release of its Privacy Design Guidelines for Mobile Application Development. The guidelines seek to provide developers with specific design points meant to enhance mobile application users’ abilities to guard personal information within mobile apps.

On February 22, 2012, California’s Attorney General, Kamala D. Harris, entered into an agreement with several leading providers of mobile devices and app stores to increase consumer privacy protection for mobile applications or “apps.” Under the agreement’s terms, these companies have agreed to redesign their app stores to provide a location for app developers to display their privacy policies.