{"id":48415,"date":"2022-09-12T15:31:24","date_gmt":"2022-09-12T15:31:24","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33828\/Who-Owns-Digital-Health-Data-HIPPA-Privacy-Myths-May-Put-Women-At-Risk.html"},"modified":"2022-09-12T15:31:24","modified_gmt":"2022-09-12T15:31:24","slug":"who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/","title":{"rendered":"Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk"},"content":{"rendered":"<p>For women, privacy and control over health information has never been more important, as the U.S. continues its abortion access fight and as some states criminalize the procedure. But beyond the political debate, knowledge gaps on the actual protections for and control of digital health data may lead to severe consequences.<\/p>\n<p>Several reports within the last few months have furthered these digital health privacy concerns, including two showing <a href=\"https:\/\/www.scmagazine.com\/analysis\/application-security\/lawsuit-accuses-facebook-of-scraping-health-data-from-hospital-websites\" target=\"_blank\" rel=\"noreferrer noopener\">Facebook\u2019s Pixel tool allegedly<\/a> scraping hospital data. The <a href=\"https:\/\/www.scmagazine.com\/analysis\/breach\/1-3m-novant-health-patients-notified-of-unintended-disclosure-via-facebook-pixel\" target=\"_blank\" rel=\"noreferrer noopener\">Novant Health ACE<\/a> breach notice that soon followed the report seemed to confirm the dubious practices as 1.4 million patients were told of an \u201cunintended disclosure\u201d via the Meta tool.<\/p>\n<p>During the same time period, reports out of Nebraska showed Facebook was issued a subpoena compelling it to <a href=\"https:\/\/www.scmagazine.com\/analysis\/privacy\/how-will-meta-treat-personal-data-after-high-courts-abortion-ruling\" target=\"_blank\" rel=\"noreferrer noopener\">release private communications<\/a> with law enforcement over illegal abortion claims against a 41-year-old woman and her daughter.<\/p>\n<p>Kayte Spector-Bagdady, an associate director at the University of Michigan Medical School\u2019s Center for Bioethics and Social Sciences in Medicine, says it\u2019s the latter scenario that should be of prime concern to women under the current abortion climate, in combination with misconceptions about digital health control and privacy.<\/p>\n<p><strong><em><a href=\"https:\/\/www.scmagazine.com\/women-in-it-security\" data-type=\"URL\" data-id=\"https:\/\/www.scmagazine.com\/women-in-it-security\">Click here for full coverage of the 2022 Women in IT Security.<\/a><\/em><\/strong><\/p>\n<p>Spector-Bagdady is a clinical ethicist and leads in other academic roles. She was also the former associate director for the Obama administration\u2019s presidential Commission for the Study of Bioethics. She mused, \u201cthis is the moment.\u201d<\/p>\n<p>The Facebook scenarios bring up several different regulatory regimes. While Spector-Bagdady has no personal knowledge of the report on the company\u2019s alleged data scraping, if appointment information, health concerns, and personal names were indeed pulled by the app, it could be a violation of the Health Insurance Portability and Accountability Act.<\/p>\n<p>HIPAA regulates identifying data like names combined with health information, like the kind of appointment you need. She added that in a traditional sense it \u201cshould indeed be protected by HIPAA.\u201d<\/p>\n<p>In light of these reports, extensive nuances, and the criminalization of abortion in some states, SC Media spoke with Spector-Bagdady on the current state of digital health privacy and controls to disbunk key myths and find ways to protect providers, and their patients.<\/p>\n<h2>Who is in control of consumer health data?<\/h2>\n<p>Those in healthcare are keenly aware of the limitations of HIPAA: that it only applies to specific covered entities and business associates and its outdated nature limits its controls over consumer-generated data and health app developers.<\/p>\n<p>Meanwhile, the COVID-19 national emergency revealed the chasm between privacy perceptions around health data and actuality. Consumers tend to believe they have more control over their own health information than they actually do, said Spector-Bagdady. \u201cHealth information is only protected by federal law under very narrow and specific circumstances.\u201d<\/p>\n<div>\n<figure class=\"wp-block-image alignleft size-full\"><img decoding=\"async\" src=\"https:\/\/cdn.scmagazine.com\/wp-content\/uploads\/2022\/09\/download.jpeg\" alt class=\"wp-image-445821\"><figcaption>Kayte Spector-Bagdady, University of Michigan Medical School<\/figcaption><\/figure>\n<\/div>\n<p>For example, when stores were asking people to present their vaccination card before entering, people were concerned about their HIPAA rights. But it clearly wasn\u2019t a violation as the rule applies only to healthcare entities and not private businesses and no one else.<\/p>\n<p>In addition, if the health data lacks some very specific identifying information, like the full name or Social Security number, the information \u201ccan be shared pretty freely.\u201d Spector-Bagdady stressed that HIPAA\u2019s main protection is for clinical information.&nbsp;<\/p>\n<p>\u201cEven our de-identified clinical information doesn&#8217;t have HIPAA protection,\u201d she said. De-identified data is still defined by the regulation, which was drafted in the 1990s. As a result, it \u201cdoesn&#8217;t at all govern commercial gathering or use of health information or health proxy information.&nbsp;<\/p>\n<p>\u201cThere are almost no protections under HIPAA or any other data privacy regulation in the U.S. to protect against a state law enforcement, subpoenaing, or discovery requests or any other kind of law enforcement technique to gather information because there are huge exceptions in HIPAA for criminal law enforcement requests,\u201d Spector-Bagdady continued.<\/p>\n<p>These myths around how health information is protected may lead consumers to share more information than they intended. These misconceptions and the gaps in HIPAA gaps raise numerous privacy and safety red flags and put women, and perhaps providers, at risk of legal action in states where the practice has been criminalized.<\/p>\n<h2>Users creating inadvertent healthcare digital footprint<\/h2>\n<p>To Spector-Bagdady, there are two big data issues people don\u2019t understand: the data mosaic and how much health proxy data they&#8217;re leaving behind as they go through their day-to-day activities.&nbsp;<\/p>\n<p>For example, if someone visits their local pharmacy and uses their pharmacy discount card or credit card every time they check out, or buy tampons the same time every month, and one month, they buy a pregnancy test and no tampons. If they start buying tampons again two months later, that\u2019s likely \u201chealth proxy information that can be discoverable and used against them in a criminal case.\u201d<\/p>\n<p>The data mosaic refers to people feeling able to share their personal information on Facebook, professional information on Twitter, or information about who you want to date on Tinder. \u201cPeople aren&#8217;t thinking about these companies that are gathering all of those data together, which paints a much more complete picture of people,\u201d she explained. People need to know not to \u201crely on private companies to protect information they feel is personal.\u201d<\/p>\n<p>\u201cYou should never trust that a conversation you have on Facebook or a conversation that you have and the direct messages of Twitter to be ultimately completely private,\u201d said Spector Bagdady. \u201cDisconcertingly in the space, even when you&#8217;re talking to your doctor, if what you&#8217;re talking about is criminal in your state: they can still attempt to discover those conversations.\u201d<\/p>\n<p>Further, it\u2019s become increasingly clear that there are many ways to identify data that has been \u201cde-identified\u201d under the HIPAA standard. \u201cFor example, if somebody has my geolocation data, I am the only person on the face of the earth that goes from my house to my office and back every single day,\u201d said Spector-Bagdady.&nbsp;<\/p>\n<p>The combination of geolocation data to other kinds of data shared on the device, like weight tracking and adding it it other geolocation data, \u201clike visiting an abortion clinic, you suddenly get a very vivid picture, not only of who I am as a person, but some health information about me.\u201d<\/p>\n<p>This precise scenario has driven several congressional investigations and <a href=\"https:\/\/www.scmagazine.com\/analysis\/privacy\/after-fall-of-roe-v-wade-congress-calls-for-ftc-probe-of-mobile-tracking-by-google-apple\" target=\"_blank\" rel=\"noreferrer noopener\">proposals<\/a>, as well as legal actions by the <a href=\"https:\/\/www.scmagazine.com\/analysis\/privacy\/ftc-official-vows-to-crack-down-on-companies-misusing-consumer-health-data\" target=\"_blank\" rel=\"noreferrer noopener\">FTC against data brokers<\/a> allegedly selling health information.<\/p>\n<p>A classic example of this is period tracker apps. People put in information about when they have sexual intercourse, when they have their period, when they don&#8217;t have their period, how they&#8217;re feeling, she explained. There have been past exposes that show some of those period tracker apps, at least in some point in time, were <a href=\"https:\/\/www.scmagazine.com\/analysis\/application-security\/flo-health-faces-class-action-for-data-sharing-practices-with-facebook-google\" target=\"_blank\" rel=\"noreferrer noopener\">sharing that data directly to Facebook<\/a>.<\/p>\n<p>That kind of information and data sharing can reveal really personal information, like that kind of data sharing can reveal really personal information, like when you were not pregnant, when you stopped having your period and then when you started having your period again.<\/p>\n<p>\u201cWe haven&#8217;t traditionally identified that as sort of HIPAA-protected, abortion care-related information. But states that are criminalizing performance of or access to an abortion can then use those data to support criminal allegations,\u201d said Spector-Bagdady.<\/p>\n<h2>Can companies share health data?<\/h2>\n<p>The reports on the law enforcement actions in Nebraska spotlight data control concerns, where Facebook was compelled to share private messages between a mother and a daughter with criminal law enforcement.<\/p>\n<p>Spector-Bagdady notes it\u2019s a completely different situation from simply scraping data or tracking geo-location data to build user profiles because it\u2019s \u201cin the world of commercial health information.\u201d The reports centered on \u201chealth proxy information,\u201d not records held by a doctor, but a person \u201ctalking about their health information in what an assumed private conversation.\u201d<\/p>\n<p>\u201cThere are many exceptions to any sort of privacy when law enforcement requests those records,\u201d said Spector-Bagdady. \u201cTo some extent, it&#8217;s almost up to the private companies with how much they&#8217;re going to fight against those subpoenas and requests for information.\u201d<\/p>\n<p>While she does not have personal knowledge about Facebook\u2019s relationship with law enforcement and what legally occurred, there are companies that have \u201cbeen very clearly aggressive in pushing against that kind of warrant for information.\u201d<\/p>\n<p>Similar issues arose years ago, when the FBI asked Apple to unlock a phone of the suspected San Bernadino killer. In more recent years, it\u2019s an issue 23andme has been quite public about: sharing how frequently law enforcement requests data from them and how many times they&#8217;ve actually been forced to give the data to them after fighting.&nbsp;<\/p>\n<h2>Protecting healthcare providers and their patients<\/h2>\n<p>Consumers need to be better aware of the current state of data, privacy, and control. As Spector-Bagdady notes, \u201cpeople see things like Facebook and Twitter as a public forum or even a private place to have personal conversations, and they&#8217;re owned by private companies.\u201d<\/p>\n<p>\u201cThere are all these exceptions that people just don&#8217;t even realize,\u201d she added.<\/p>\n<p>A June JAMA article written by Spector-Bagdady and Michelle Mello, a leading empirical health law scholar with a joint appointment at the Stanford University School of Medicine in the Department of Medicine, outlines the importance of clinicians speaking with patients about online privacy, particularly when it comes to reproductive health and in the current climate.<\/p>\n<p>Although Spector-Bagdady stressed that \u201cwe always put so much on our first-line practitioners.\u201d<\/p>\n<p>However, in states where abortion has been criminalized, \u201cit&#8217;s critical for clinicians to be having that discussion. It\u2019s also time to remind clinicians not to record unnecessary medical information\u201d as there is a lot of information shared, some of which could be extraneous.<\/p>\n<p>\u201cThis is a place we should revisit: what actually needs to be written down in the medical record, such that we can take good continuous care of a patient over the long term, versus what is speculation and potentially not necessary or helpful for that patient,\u201d she added.<\/p>\n<p>For clinicians, currently stuck in this untenable situation, Spector-Bagdady stressed the importance of relying on phone calls for those complicated conversations, as they \u201ccan\u2019t be discovered.\u201d<\/p>\n<p>Email is one of those challenging areas, particularly as people may use work email as a private email, which is owned by their employer \u2014 including the information stored in the account. And \u201ceven if you&#8217;re using personal devices or personal email, if you are subject to the Freedom of Information Act because you&#8217;re a publicly funded institution, you are subject to state laws.\u201d<\/p>\n<p>These are important elements for clinicians to consider around data, but there are obvious concerns held by Spector-Bagdady and others for states where abortion is now considered a crime. The Emergency Medical Treatment and Active Labor Act (EMTALA) adds another complication for providers, where they must stabilize patients even if that includes abortion care and in a state where abortion is potentially criminalized.&nbsp;<\/p>\n<p>\u201cThe hospital is looking at civil liability from the feds, and the clinician is looking at criminal liability from the state,\u201d Spector-Bagdady. But unlike civil liability, my hospital can&#8217;t go to jail for me. My hospital can say, \u2018do the right thing, and if you get sued, we&#8217;ll protect you and pay civil penalties\u2019 but the hospital can\u2019t go to jail for someone.\u201d<\/p>\n<p>\u201cClinicians are being put in these horrific positions where they might actually be in a moment where they have to decide whether to potentially provide life saving abortion care when they might risk being charged with criminal effects,\u201d Spector-Bagdady. \u201cThat&#8217;s not our clinicians\u2019 burden to bear. That is the fault of our court system and our legislators.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/33828\/Who-Owns-Digital-Health-Data-HIPPA-Privacy-Myths-May-Put-Women-At-Risk.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":48416,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[2376],"class_list":["post-48415","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlineprivacy"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-09-12T15:31:24+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.scmagazine.com\/wp-content\/uploads\/2022\/09\/download.jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk\",\"datePublished\":\"2022-09-12T15:31:24+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/\"},\"wordCount\":1973,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk.jpg\",\"keywords\":[\"headline,privacy\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/\",\"name\":\"Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk.jpg\",\"datePublished\":\"2022-09-12T15:31:24+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk.jpg\",\"width\":230,\"height\":219},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,privacy\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineprivacy\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/","og_locale":"en_US","og_type":"article","og_title":"Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-09-12T15:31:24+00:00","og_image":[{"url":"https:\/\/cdn.scmagazine.com\/wp-content\/uploads\/2022\/09\/download.jpeg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk","datePublished":"2022-09-12T15:31:24+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/"},"wordCount":1973,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/09\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk.jpg","keywords":["headline,privacy"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/","url":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/","name":"Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/09\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk.jpg","datePublished":"2022-09-12T15:31:24+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/09\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/09\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk.jpg","width":230,"height":219},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/who-owns-digital-health-data-hippa-privacy-myths-may-put-women-at-risk\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,privacy","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineprivacy\/"},{"@type":"ListItem","position":3,"name":"Who Owns Digital Health Data? HIPPA Privacy Myths May Put Women At Risk"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48415","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=48415"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48415\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/48416"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=48415"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=48415"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=48415"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}