Fearing that a maze of healthcare regulations cropping up around the world has the potential to complicate product design, the medical informatics section of the National Electrical Manufacturers Association has launched a privacy and security initiative
Fearing that a maze of healthcare regulations cropping up around the world has the potential to complicate product design, the medical informatics section of the National Electrical Manufacturers Association has launched a privacy and security initiative of its own.
NEMA and its member companies are concerned that the response of healthcare institutions to regulations such the Health Insurance Portability and Accountability Act (HIPAA) in the U.S., and to similar laws in Europe and Japan, will lead to communication problems among institutions and unnecessary complexity in product design. It could also delay the adoption of better privacy and security measures.
NEMA has asked healthcare industry vendors to help define a common approach to new privacy and security regulations.
NEMA is taking a pragmatic approach, addressing specific areas such as remote serviceability of equipment, service access guidelines, and audit trails, said Vicki Schofield, industry manager for NEMA's medical division. Based on market needs, the initiative may be expanded in the future.
Five basic HIPAA regulations are related to information privacy and security:
?transactions and code sets;
?security and electronic signatures;
?privacy;
?employer identifiers; and
?healthcare provider identifiers.
The first regulation was published in the Federal Register in August. Others are being finalized and will go into effect two years after final publication.
The European Community directive (EC 95/46), adopted in 1995, though not specific to the healthcare industry, does attempt to broadly protect personal data by ensuring confidentiality and permitting only legitimate use. Transmission of patient health records, recognized as one of the most sensitive types of personal data, is restricted between complying countries, which includes the U.S.
The U.S. Department of Commerce and the European Commission have adopted principles requiring that organizations provide notice, choice, onward transfer, access, security, data integrity, and enforcement when the disclosure of individual information is involved, Schofield said.
The Japanese regulation (HPB 517), published last year, is healthcare-specific and includes requirements for electronic storage of clinical records, authenticity and accuracy of data storage and transmission, legibility and security of stored information, patient privacy, and access control.
NEMA launched the initiative at the request of its European equivalent, the European Coordination Committee of the Radiological and Electromedical Industry. NEMA, in turn, enlisted its Japanese sister organization, the Japan Industries Association of Radiation Apparatus.
Can CT-Based Deep Learning Bolster Prognostic Assessments of Ground-Glass Nodules?
June 19th 2025Emerging research shows that a multiple time-series deep learning model assessment of CT images provides 20 percent higher sensitivity than a delta radiomic model and 56 percent higher sensitivity than a clinical model for prognostic evaluation of ground-glass nodules.
FDA Clears Ultrasound AI Detection for Pleural Effusion and Consolidation
June 18th 2025The 14th FDA-cleared AI software embedded in the Exo Iris ultrasound device reportedly enables automated detection of key pulmonary findings that may facilitate detection of pneumonia and tuberculosis in seconds.