Jan 242019
 January 24, 2019  Posted by  Featured News, Healthcare, Laws

HIPAA lawyer Jeff Drummond is critical of a proposed law in Oregon.  Here’s why:

Oregon wants to pass a law to prohibit the sale of de-identified data without the data subject’s consent.  That is dumb — de-identified data does not have a data subject.  And if it’s truly de-identified, there is no downside to its being shared, at least no downside to the data subject (because, again, there is data subject if it’s de-identified).

I understand the “property rights” concept, but it really doesn’t work with data.  Data isn’t a thing like that; data is a fact, and you can’t own a fact.  The exact same data can be possessed by multiple people at the same time, without diminution of the value to any other holder.  Plus the data may only connect to a particular subject in a particular situation.

Read more on HIPAA Blog.

Sorry, the comment form is closed at this time.