Digital Health Privacy Program (DHPP)
The Landscape
While the use and disclosure of health-related data held by doctors and insurance companies is regulated by the Health Insurance Portability and Accountability Act (HIPAA), data collected and used by makers of wearable devices, health and wellness apps, online services, and the Internet of Things is not covered by HIPAA.
American Privacy Rights Act
Consumer Health State Legislation
Health Breach Notification Rule
Time to Take Action
As the call to action to protect consumer health information grows louder, companies that collect and use health-related data not covered under HIPAA have an opportunity to take proactive steps to get ahead of regulation and meet the privacy needs of their customers.
Program Overview
The Digital Health Privacy Program (DHPP) will:
- Gather input from select business leaders on the front lines of non-HIPAA consumer health data management.
- Evaluate participating companies' consumer health data privacy practices, in alignment with applicable state and federal data privacy requirements.
- Certify companies with a seal, demonstrating their accountability to robust standards for treatment of sensitive health data.
- Provide ongoing support to participants as their new products and services are offered to consumers.
- Help consumers find the products and services they can trust.
The certification process includes a comprehensive verification and readiness assessment for your product as well as ongoing monitoring and support from the BBB National Programs privacy team. As a participant, your certification seal will demonstrate to customers that your product or service complies with the stringent requirements of the program.
How it Works
Comprehensive Verification
- Evaluate your products’ data collection practices for compliance
- Vet your advertising data collection practices, including first- and third-party trackers
- Review your privacy policies, terms, and notices to ensure necessary requirements are met
Findings Assessment
- Clear instructions and recommendations on next steps
- Developer checklists to help facilitate privacy by design
- Personalized consultations to discuss existing and emerging privacy laws
- Regular monitoring and real-time alerts to ensure you remain in compliance
Benefits
- Confidence that your products are fully compliant with established standards
- Hands-on support when privacy laws, regulations, practices, and guidelines change
- Ongoing privacy counseling with a fast turnaround time and sensitivity to your deadlines
- Complimentary educational opportunities and custom privacy trainings