Bringing an End to HIPAA Nightmares with Deven McGraw


On September 29th, Deven McGraw will be leading “Scary Acronyms: Review of the Regulatory and Legal Issues Core to Health IT” at Health 2.0 EDU Live Workshop! Deven is the Director of the Health Privacy Project at Center for Democracy and Technology. With years of experience navigating health policy in health technology, Deven joins the Health 2.0 EDU community to provide her insight into health technology privacy laws and restrictions. You can register for this workshop here.

EDU: In your experience with various companies and organization how well do you feel those in the field understand regulatory and legal issues of Health IT? Where are there misunderstandings?

DM: The level of knowledge in the field has increased over the past several years, and now many companies have a decent baseline knowledge of regulatory and legal issues.  But misunderstandings still arise, because:  the laws are fairly complex; there are a number of different health IT programs, at both the federal and state level, so it’s not always easy to figure out how to comply with all potentially relevant laws; and, notwithstanding greater overall baseline knowledge, mischaracterizations (and also overly conservative interpretations) of the law still persist.  Consequently, it’s very hard to figure out the landscape without some help.

EDU: Your talk is called “Scary Acronyms.” Why do you feel they are intimidating for health it professionals?

DM: Health IT professionals are smart people – and pretty used to being masters of their fields.  When faced with acronyms that don’t make sense, or that they don’t fully understand – and that potentially have very real implications for whether their product succeeds or lands them in a regulator’s office – they are understandably a bit intimidated.

EDU: Which legal issues cause the biggest problems for developing Health IT companies? 

DM: I suspect intellectual property issues may be among the most daunting – but I’m not an intellectual property expert, so I can’t be of any help to anyone sorting through those issues! Successfully dealing with privacy and security issues (and whether HIPAA compliance is or is not required – and if it’s not, what do you do then) is another concern, and on that, I hope to try to be helpful to people.

EDU: What are you most looking forward to about lecturing at the Health 2.0 EDU Live workshop in Santa Clara on the 29th?

DM: The free beer!  What – no free beer?  O’kay – then I’m looking forward to hearing from attendees what “Scary Acronym” issues are causing them insomnia and hopefully providing some guidance to help resolve them.

Leave a Reply

Your email address will not be published. Required fields are marked *