The Security Ledger Podcast

The Security Ledger Podcast


Spotlight Podcast: Beyond HIPAA – a Conversation with Nemours CPO Kevin Haynes

December 18, 2019

In this Spotlight edition of The Security Ledger Podcast, sponsored by RSA Security*, the Chief Privacy Officer at Nemours Healthcare, Kevin Haynes, joins us to talk about the fast evolving privacy demands on healthcare firms and how the Chief Privacy Officer role is evolving to address new privacy and security threats.

In just a couple weeks The California Consumer Privacy Act – or CCPA – will take effect. Considered the most comprehensive data privacy law in the country, the CCPA could become a de-facto federal standard akin to the EU’s GDPR, at least in the absence of a matching federal law.

The law, enforcement of which begins in July, 2020, will be a wake up call to many industries that have made a business of collecting, mining and even re-selling their customers data. One industry that is unlikely to be phased by the new requirements, however, is healthcare. That’s because a comprehensive patient data privacy law, HIPAA, has governed that industry for more than two decades.

Spotlight Podcast: RSA CTO Zulfikar Ramzan on confronting Digital Transformation’s Dark Side

Healthcare Industry beset by Changes

Kevin Haynes is the Chief Privacy Officer at Nemours Healthcare.

But the existence of a strong federal data protection law for patient health information doesn’t leave the healthcare industry immune from controversies, risks or questions about the extent of privacy protections. That’s especially true as a new generation of connected medical devices work their way into clinical settings, exposing them to cyber and operational risks in new ways. And, as data hungry firms like Google look to expand their reach into the massive healthcare industry, healthcare firms are needing to balance their interest in new treatments and better customer service against the privacy rights and concerns of their members. Concerns about data privacy and the abuse of medical information, for example, has dogged initiatives like Google’s Project Nightingale since its inception.

The Role of Healthcare CPO: Beyond HIPAA

To learn more about the unique challenges facing healthcare organizations, we invited Kevin Haynes, the Chief Privacy Officer of the Nemours Foundation – a pediatric health provider in six states and the District of Columbia – about how the role of Chief Privacy Officer is changing and adapting to the challenges and threats facing healthcare organizations.

Massive Marriott Breach Underscores Risk of overlooking Data Liability

Haynes says that – despite laws like HIPAA and even CCPA- privacy protecti...