{"id":48611,"date":"2022-09-27T15:39:11","date_gmt":"2022-09-27T15:39:11","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33881\/National-Data-Privacy-Proposal-May-Shape-Health-Data-Not-Covered-By-HIPAA.html"},"modified":"2022-09-27T15:39:11","modified_gmt":"2022-09-27T15:39:11","slug":"national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/","title":{"rendered":"National Data Privacy Proposal May Shape Health Data Not Covered By HIPAA"},"content":{"rendered":"<div>\n<figure class=\"wp-block-image size-large is-style-default\"><img decoding=\"async\" src=\"https:\/\/cdn.scmagazine.com\/wp-content\/uploads\/2022\/09\/092622_capitol_dome-1024x614.jpg\" alt class=\"wp-image-449715\"><figcaption>If the American Data Privacy and Protection Act passes Congress, it could shore-up some of the data privacy gaps not covered by HIPAA. (Photo by Anna Moneymaker\/Getty Images)<\/figcaption><\/figure>\n<\/div>\n<p>Healthcare stakeholders have long warned of the need for better privacy protection for health data that falls outside the purview of the Health Insurance Portability and Accountability Act. If it passes Congress, the American Data Privacy and Protection Act may narrow some of those existing gaps.<\/p>\n<p>The ADPA advanced the House Energy and <a href=\"https:\/\/www.scmagazine.com\/analysis\/privacy\/national-data-privacy-law-draws-mixed-reaction-from-civil-liberties-industry-groups\">Commerce Committee in July<\/a> by a vote of 53-2 by and was lauded as a \u201cmajor step forward\u201d for national data privacy protections. The legislation was advanced aside two other bills seeking stronger federal ransomware reporting and requirements for IoT vendors on surveillance used in consumers\u2019 connected devices.<\/p>\n<p>Congressional efforts to create a unified privacy law stalled during the pandemic. But unlike past iterations that were held up by party differences, Deven McGraw, data stewardship &amp; data sharing for Invitae, is hopeful the support from the business community will give the legislation some legs.<\/p>\n<p>The legislation is \u201cvery comprehensive,\u201d said McGraw. \u201cIt\u2019s clearly a serious effort to address privacy issues that arise in what are currently under-regulated spaces. In a healthcare context, we have the HIPAA protections for data but they only apply to data in the hands of certain entities, doctors, hospitals, health plans, and their contracted vendors.\u201d<\/p>\n<p>\u201cYou have this robust digital health data economy that we&#8217;re trying to create for the benefit of all of us,\u201d she continued. \u201cAnd yet, we leave the data largely unprotected, or subject to the commitments made by private companies when we are outside of the HIPAA space.\u201d<\/p>\n<p>That means the current environment is rife with confusion for consumers of when data is or isn\u2019t protected outside of HIPAA. Industry groups have long bemoaned gaps in the privacy regulation for health data generated by consumers or through health apps, but the onus for securing data falls on Congress, not the Department of Health and Human Services.<\/p>\n<p>The proposed legislation would take major strides in closing these gaps, while giving federal agencies the resources and authority to better regulate data privacy, especially health information.<\/p>\n<h2>For health data, the benefits outweigh flaws<\/h2>\n<p>As noted in a recent Politico report, the HHS Office for Civil Rights\u2019 resource challenges makes it difficult to pursue every violation of HIPAA. Few people could understand those challenges better than McGraw, the former deputy director of health information privacy for OCR.<\/p>\n<p>On the regulatory side, OCR struggles with \u201cmaking a dent\u201d in tackling all of the complaints filed against providers and business associates over alleged HIPAA violations and potential cases that could be brought when a clear violation has been found because the agency\u2019s resources \u201cresources are always so constrained.\u201d<\/p>\n<p>For example, as HHS nears the enforcement period for<a rel=\"noreferrer noopener\" href=\"https:\/\/www.scmagazine.com\/analysis\/critical-infrastructure\/sequoia-project-seeks-comment-on-hhs-security-measures-for-healthcare-interoperability\" target=\"_blank\"> its interoperability push<\/a> to help patients access their own data, a federal privacy bill could ensure consumers aren\u2019t inadvertently storing their data on a platform unregulated by HIPAA or storing it on a social networking site without rigorous privacy protections.<\/p>\n<p>The ADPA could give the agency a much needed boost as it gives the Federal Trade Commission more resources and \u201cfrankly, more overt and obvious authority to regulate in certain spaces where the FDA [Food and Drug Administration] has struggled a little bit to stretch their existing Section Five authority,\u201d McGraw explained.<\/p>\n<p>The concern, however, is that sometimes the authority is challenged and then subjected to potential court rulings that \u201csay they went further than they were supposed to do,\u201d she added.<\/p>\n<p>The bill does considerably strengthen the agency\u2019s authority, and it\u2019s \u201ccertainly welcomed for the FTC to become more active in the privacy space.\u201d But McGraw warns they can only go as far as their existing authorities allow them to, and \u201ceven if they&#8217;re pushing that envelope a little bit, then there&#8217;s a possibility they can be overturned.\u201d<\/p>\n<p>Overall, arming the FTC with more resources and more authority is a serious win for health data privacy and a \u201csignificant step forward.\u201d<\/p>\n<p>McGraw is also concerned about how the bill would continue to facilitate the use of health data for research purposes. There is incredibly&nbsp;important medical research that happens with HIPAA\u2019s de-identified data, but \u201cthere&#8217;s a lot of uncertainty about how it could move forward under the bill.\u201d&nbsp;<\/p>\n<p>\u201cHIPAA has long had standards for how data gets de-identified, which, quite frankly, makes it unusual in privacy law,\u201d said McGraw. \u201cThey actually have a legal standard to ensure there\u2019s no reasonable basis to believe that the data in the hands of the recipient can be used to re-identify the patient.\u201d<\/p>\n<p>There are even two methodologies entities can \u201cuse to get data to the point of being deidentified: one requiring the removal of static identifiers and no knowledge that the data can be re-identified. The other is using an X: if you want to leave in data fields that increase the risk of re-identification, then you have to use other techniques to make the data less susceptible to being re-identified,\u201d she explained.<\/p>\n<p>These rules have long been understood, which allow data to be linked across datasets, as long the entity couldn\u2019t determine who the patient was. But discrepancies between HIPAA and the ADPA may disrupt these standards, McGraw noted. But there\u2019s hope these elements are \u201cfixable.\u201d<\/p>\n<p>It\u2019s important Congress addresses the concerns before the bill is brought to a final vote because it is unlikely to take up the issues again, if passed.<\/p>\n<p>\u201cWhen Congress acts in a really big way, they&#8217;re often reluctant to go back,\u201d she said.<\/p>\n<h2>Benefits in the post-Dobbs era<\/h2>\n<p>Data privacy challenges exist in all industries, but healthcare\u2019s app challenges have left a largely unregulated space. McGraw notes that data brokers and geolocation data generated by apps are especially problematic. As previously examined, <a href=\"https:\/\/www.scmagazine.com\/feature\/privacy\/who-owns-digital-health-data-hipaa-privacy-myths-may-put-women-at-risk\" target=\"_blank\" rel=\"noreferrer noopener\">after the upheaval of Roe v. Wade<\/a>, those privacy gray areas will become an even greater risk to patients.<\/p>\n<p>These issues are rooted in the \u201cvarious aspects of the online universe that we live in today, where you&#8217;re leaving breadcrumb trails of all the things that you&#8217;re doing all over the place, and it&#8217;s very under- regulated,\u201d said McGraw. \u201cIn some respects, these categories of sensitive data would receive even further protection that would be put into place by the proposed bill.\u201d<\/p>\n<p>\u201cAll of that is helpful. Is it sufficient in the post-Dobbs era?\u201d she added. For example, a recent study published in JAMA found that nearly all abortion clinic webpages use third-party trackers that transfer user data.<\/p>\n<p>The Dobbs opinion shines a spotlight on the need for this particular bill, but also on another critical issue: Any attempt to create a set of privacy rules primarily based on patient consent won\u2019t necessarily hold up as well when there are law enforcement access exceptions and court-ordered exceptions.<\/p>\n<p>\u201cYou&#8217;ll get a better environment, but you won&#8217;t get the perfect environment,\u201d she added. \u201cEven if the Dobbs\u2019 decision just ratchets up the level of concern to a degree that even HIPAA, frankly, doesn&#8217;t cover,\u201d particularly in circumstances where the intent of the gathering of the data, or the or a particular use of the data is going to harm someone.<\/p>\n<p>In short, we shouldn\u2019t be pinning privacy protections on the patients themselves to protect data. McGraw stressed that infrastructure rules that govern when data can be shared with law enforcement will be most effective.<\/p>\n<h2>Preemption of state privacy laws \u2018sacrifice for the nation\u2019<\/h2>\n<p>In 2019, Congress made numerous attempts to create a unified federal privacy law focused on giving consumers more control over data, penalizing companies for misusing or under-securing the data in their protection, and, perhaps most importantly, protecting troves of data currently unregulated by HIPAA.<\/p>\n<p>At the time, there was a unified consensus that a federal privacy law was needed due to the increase in the patchwork of inconsistent state laws, known to be inefficient in protecting consumers. But the parties were divided on whether the law should supersede state laws.<\/p>\n<p>As it stands, in healthcare and across all sectors, businesses must crosswalk a range of state laws and federal regulations to ensure compliance. It\u2019s a hefty task and one that often leaves gaps.<\/p>\n<p>By preempting state laws, a federal privacy law like the ADPA would reduce these hurdles and make it easier for businesses to comply. Although the latest privacy push would indeed preempt state laws, McGraw said she believes the prior sticking point won\u2019t be problematic given the support from the business community.<\/p>\n<p>The one outlier may be California, as it wants its own statute. The state\u2019s privacy law is well known to be one of the strictest in the country, on par with the EU\u2019s GDPR. However, it\u2019s \u201cnot a slam dunk that California is universally stronger across the board.\u201d<\/p>\n<p>And even if California has the strongest privacy law in the country, \u201cit doesn\u2019t help the rest of us,\u201d she added. \u201cCalifornia&#8217;s law was passed with a very chaotic, haphazard process in which we have very little enforcement experience to help inform what the challenges are, what works well, what doesn&#8217;t work so well.\u201d<\/p>\n<p>\u201cIt does sort of strike me as weakening the argument, in my opinion, for California to be arguing that its law needs to be preserved,\u201d said McGraw. \u201cTake one for the team, sacrifice for the rest of the nation.\u201d Particularly as the concessions would be relatively minute in comparison for what the rest of the country would gain with the proposed legislation.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/33881\/National-Data-Privacy-Proposal-May-Shape-Health-Data-Not-Covered-By-HIPAA.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":48612,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[1682],"class_list":["post-48611","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinegovernmentprivacyusa"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>National Data Privacy Proposal May Shape Health Data Not Covered By HIPAA 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"National Data Privacy Proposal May Shape Health Data Not Covered By HIPAA 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-09-27T15:39:11+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.scmagazine.com\/wp-content\/uploads\/2022\/09\/092622_capitol_dome-1024x614.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"National Data Privacy Proposal May Shape Health Data Not Covered By HIPAA\",\"datePublished\":\"2022-09-27T15:39:11+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/\"},\"wordCount\":1626,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa.jpg\",\"keywords\":[\"headline,government,privacy,usa\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/\",\"name\":\"National Data Privacy Proposal May Shape Health Data Not Covered By HIPAA 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa.jpg\",\"datePublished\":\"2022-09-27T15:39:11+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/09\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa.jpg\",\"width\":1024,\"height\":614},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,government,privacy,usa\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinegovernmentprivacyusa\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"National Data Privacy Proposal May Shape Health Data Not Covered By HIPAA\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"National Data Privacy Proposal May Shape Health Data Not Covered By HIPAA 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/","og_locale":"en_US","og_type":"article","og_title":"National Data Privacy Proposal May Shape Health Data Not Covered By HIPAA 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-09-27T15:39:11+00:00","og_image":[{"url":"https:\/\/cdn.scmagazine.com\/wp-content\/uploads\/2022\/09\/092622_capitol_dome-1024x614.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"National Data Privacy Proposal May Shape Health Data Not Covered By HIPAA","datePublished":"2022-09-27T15:39:11+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/"},"wordCount":1626,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/09\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa.jpg","keywords":["headline,government,privacy,usa"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/","url":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/","name":"National Data Privacy Proposal May Shape Health Data Not Covered By HIPAA 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/09\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa.jpg","datePublished":"2022-09-27T15:39:11+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/09\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/09\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa.jpg","width":1024,"height":614},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/national-data-privacy-proposal-may-shape-health-data-not-covered-by-hipaa\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,government,privacy,usa","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinegovernmentprivacyusa\/"},{"@type":"ListItem","position":3,"name":"National Data Privacy Proposal May Shape Health Data Not Covered By HIPAA"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48611","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=48611"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48611\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/48612"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=48611"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=48611"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=48611"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}