A brand new Washington state legislation would require firms to obtain a person’s express consent earlier than they’ll acquire, share, or promote their well being information. Washington Governor Jay Inslee signed the My Well being, My Knowledge invoice into legislation on Thursday, giving customers the appropriate to withdraw consent at any time and have their information deleted.
The legislation ought to assist protect customers’ well being information from the businesses and organizations not included below the HIPAA Privateness Rule, which prevents sure medical suppliers from disclosing “individually identifiable” well being data with out consent. The HIPAA Privateness Rule doesn’t cowl lots of the well being apps and websites that acquire medical information, permitting them to freely acquire and promote this data to advertisers.
Underneath Washington’s new legislation, which comes into impact in March 2024, medical apps and websites should ask a person for permission to gather their well being information in a nondeceptive method that “brazenly communicates a client’s freely given, knowledgeable, opt-in, voluntary, particular, and unambiguous written consent.” The positioning and apps should additionally disclose what sort of information they plan to gather and in the event that they plan to promote it. Moreover, the invoice will block medical suppliers from utilizing geofencing to gather location details about the sufferers that go to the ability.
“My Well being, My Knowledge protects the independence and dignity of people once they make healthcare choices,” says Consultant Vandana Slatter (D), one of many invoice’s backers. “It prevents vulnerabilities within the technological period which can be getting used to focus on and exploit shoppers who will not be conscious of the huge information that all the things from our watches and telephones acquire.”
As extra states ban entry to abortion care, sufferers in these states have gotten more and more involved about native authorities accessing their on-line information when visiting or trying to find an out-of-state abortion clinic. That’s a part of the explanation why lawmakers are engaged on payments that might enhance privateness protections on a nationwide degree. Final month, Democrats launched the Upholding Protections for Well being and On-line Location Knowledge (UPHOLD) Privateness Act that might bar firms from promoting personal well being data, whereas Congress additionally held a listening to on the American Knowledge Privateness and Safety Act (ADPPA), which supplies customers the flexibility to request the deletion of their information.