bill into law on Thursday, giving users the right to withdraw consent at any time and have their data deleted.
The law should help shield users’ health data from the companies and organizations not included under the, which prevents certain medical providers from disclosing “individually identifiable” health information without consent. The HIPAA Privacy Rule doesn’t cover many of the health apps and sites that collect medical data, allowing them to freely collect and sell this information to advertisers.
“My Health, My Data protects the independence and dignity of individuals when they make healthcare decisions,” says Representative Vandana Slatter , one of the bill’s backers. “It prevents vulnerabilities in the technological era that are being used to target and exploit consumers who may not be aware of the vast data that everything from our watches and phones collect.”