Privacy beyond HIPAA in voice technology
“I think as far as smart speakers and virtual assistants [go], Amazon right now only has HIPAA-eligible environments, so basically turning on and off HIPAA for specific skills, enabling HIPAA for a particular voice app or voice skill,” Sarah Lindenauer, product and portfolio manager of the innovation and digital health accelerator (IDHA) at Boston Children’s Hospital, said at MassBio’s forum on Using Clinical Data from wearables and voice.
“Right now, it’s invite-only and only select developers or partners would develop skills that process PHI in a HIPAA-compliant manner. That is great and a step in the right directions. But when you think about placing a smart speaker in a hospital room, there is a whole host of considerations. … The entire platform isn’t HIPAA compliant and you can’t tell, if it's patient facing, how the patient is going to use it and the type of information they are going to share, and whether they are going to stay in that one skill that is deemed HIPAA compliant.”