NEMA responds to regulatory confusion with its own security initiative


Fearing that a maze of healthcare regulations cropping up around the world has the potential to complicate product design, the medical informatics section of the National Electrical Manufacturers Association has launched a privacy and security initiative of its own.

NEMA and its member companies are concerned that the response of healthcare institutions to regulations such as the Health Insurance Portability and Accountability Act (HIPAA) in the U.S., and to similar laws in Europe and Japan, will lead to communication problems among institutions and unnecessary complexity in product design. It could also delay the adoption of better privacy and security measures.

NEMA has asked healthcare industry vendors to help define a common approach to new privacy and security regulations.

NEMA is taking a pragmatic approach, addressing specific areas such as remote serviceability of equipment, service access guidelines, and audit trails, said Vicki Schofield, industry manager for NEMA's medical division. Based on market needs, the initiative may be expanded in the future.

Five basic HIPAA regulations are related to information privacy and security:

• transactions and code sets;
• security and electronic signatures;
• privacy;
• employer identifiers; and
• healthcare provider identifiers.

The first regulation was published in the Federal Register in August. Others are being finalized and will go into effect two years after final publication.

The European Community directive (EC 95/46), adopted in 1995, though not specific to the healthcare industry, does attempt to broadly protect personal data by ensuring confidentiality and permitting only legitimate use. Transmission of patient health records, recognized as one of the most sensitive types of personal data, is restricted between complying countries, which include the U.S.

The U.S. Department of Commerce and the European Commission have adopted principles requiring that organizations provide notice, choice, onward transfer, access, security, data integrity, and enforcement when the disclosure of individual information is involved, Schofield said.

The Japanese regulation (HPB 517), published last year, is healthcare-specific and includes requirements for electronic storage of clinical records, authenticity and accuracy of data storage and transmission, legibility and security of stored information, patient privacy, and access control.

NEMA launched the initiative at the request of its European equivalent, the European Coordination Committee of the Radiological and Electromedical Industry. NEMA, in turn, enlisted its Japanese sister organization, the Japan Industries Association of Radiation Apparatus.

© 2025 MJH Life Sciences

All rights reserved.