AXEL NEWE
  • Home
  • About Me
  • Work History
  • My Portfolio
    • Civic Engagement
    • Professional Thought Leadership
    • Trainings, Learnings, and Certifications
  • My Blog
  • Photo Album
  • Links and Affiliations
  • Contact

From the Field: Thoughts on Growth, Tech, Democracy & Life

Are Healthcare Privacy Protections Quietly Being Undermined?

5/1/2025

0 Comments

 
As someone who’s worked in healthcare IT for years—mainly as a consultant—HIPAA compliance isn’t a side note. It’s baked into everything: client conversations, technical roadmaps, and yes, the required annual training. Frameworks like HITRUST CSF, NIST, and COBIT aren’t just concepts—they guide the real-world systems we help clients build and secure.
​
​But lately, I’ve noticed something unsettling: rules that were once firm are starting to feel… optional.
Are These Protections Being Ignored? Or Reinterpreted?
No, HIPAA hasn’t been repealed. But that doesn’t mean its protections are always honored.

Across the country, we’re seeing signs that long-standing patient privacy rules are being bypassed when they conflict with political priorities:

  • Health data used for prosecutions in states targeting reproductive care
  • Creation of health registries for various purposes without full transparency
  • Veterans’ mental health data shared across agencies in unclear ways

​These aren’t alternative narratives. They’re signals that the rules we’ve relied on may not be as solid as they seem.
Legal Rules vs. Frameworks: Why the Difference Matters
​We often talk about HIPAA and HITRUST in the same breath—but there’s a big difference.
Legally Binding
​
​HIPAA, HITECH, 21st Century Cures Act
Frameworks
​
HITRUST CSF, NIST, COBIT (Not enforceable laws)
When laws are weakened—or simply ignored—frameworks alone can’t protect sensitive health data.
Why This Matters to Clients and Consultants
This isn’t just theory. It directly affects the work we do:
​
  • Clients may get conflicting advice: “Share this data—it’s fine.”
  • Internal privacy teams could be sidelined for political goals.
  • Trust in EHRs and portals erodes if patients learn their info is being quietly used for other purposes. This can have a cascading effect on the quality of care patients receive.
​
​If this trend continues, we could see innovation slow, legal risk increase, and state-by-state fragmentation in data handling rules. All of this will make our job more difficult, as many of our products are, and much of our thought leadership is, built around compliance.
What Can We Do About It?
Here’s what I recommend to peers and clients:
​
  • Stick to strong frameworks like HITRUST and NIST—even when not required
  • Educate clients and teams on rights, risks, and ethical boundaries
  • Document every sensitive disclosure and exception
  • Support legislation that strengthens—not weakens—health privacy
Final Thought
I’m not raising this concern as an alarmist or conspiracy theorist; I don't think I am either. As an integrator and consultant, I’m speaking as someone who has lived in the trenches of healthcare IT compliance. If we let the protections slip—even slowly—it’s not just privacy that suffers, it’s trust.
Additional  thoughts or experiences on this topic are greatly appreciated. I’d love to hear how others in the field are navigating the shifting landscape.
Sources

Official References & Frameworks

  • HIPAA for Professionals – HHS.gov

  • HITECH Act Overview – HealthIT.gov

  • HITRUST CSF – HITRUST Alliance

  • COBIT – ISACA.org

Recent Reporting
  • “States Move to Loosen Health Data Privacy in Post-Roe Landscape” – STAT News
​​
  • “HIPAA Loopholes Are a Privacy Risk, Experts Warn” – KFF Health News
​
  • ​“OCR Ramps Up Enforcement as Data Sharing Expands” – Health IT Security
0 Comments



Leave a Reply.

    Author

    Axel Newe is a strategic partnerships and GTM leader with a background in healthcare, SaaS, and digital transformation. He’s also a Navy veteran, cyclist, and lifelong problem solver. Lately, he’s been writing not just from the field and the road—but from the gut—on democracy, civic engagement, and current events (minus the rage memes). This blog is where clarity meets commentary, one honest post at a time.

    Archives

    June 2025
    May 2025
    April 2025

    Categories

    All
    AI
    AI Ethics
    AI Imposters
    AI Lifecycle
    American Democracy
    American History
    Autocracy
    Bike Industry
    Budget & Spending
    Business Strategy
    Career
    Chinese Bike Tech
    Civic Action
    Civil Liberties
    Compliance
    Constitutional Law
    Constitutional Rights
    Critical Thinking
    Culture & Society
    Cycling Innovation
    Cycling Life
    Data Integration
    DEI
    Democracy In Crisis
    Digital Health
    Digital Transformation
    Education & Policy
    Enshittification
    Enterprise AI
    Executive Power
    FinServ
    French Revolution
    FTC Non-Compete Ban
    Future Of Work
    Garbage In
    Garbage Out
    Go To Market
    Go-To-Market
    Government Accountability
    Government Reform
    Healthcare
    Healthcare Policy
    Healthcare Technology
    Health Equity
    Health IT
    Higher Education
    HIPAA
    Historical Comparison
    Historical Reflection
    HITRUST
    Immigration & Human Rights
    Institutional Trust
    Interoperability
    Job Search
    Medicaid
    Medicaid And Medicare Strategy
    Medicare
    Military Culture
    National Security
    Necronomics
    Parenting & Family
    Political Analysis
    Political Polarization
    Politics
    Professional Development
    Public Health
    Public Policy
    Rebuilding Trust In Politics
    Responsible Dissent
    Roman Republic And US Comparison
    SaaS
    Salesforce Strategy
    Social Contract Theory
    Technology Ethics In Care Delivery
    Technology In Business
    Tribal Health
    Used Bikes
    U.S. Navy
    Veteran Perspective
    Veterans
    Workforce Transformation

    RSS Feed

Proudly powered by Weebly
  • Home
  • About Me
  • Work History
  • My Portfolio
    • Civic Engagement
    • Professional Thought Leadership
    • Trainings, Learnings, and Certifications
  • My Blog
  • Photo Album
  • Links and Affiliations
  • Contact