What You Need to Know
- You take care to protect sensitive client health information.
- Suddenly, everyone from concert halls to wineries is also asking for sensitive health information.
- Everyone will have to face the same kinds of data security and data compatibility issues that have haunted your nightmares.
At a recent concert at a small winery, the door attendant checked my New York state digital vaccine record on my smartphone — the first of its kind in the country — against my photo ID, along with those of everyone else coming through the door.
The experience was quick and easy, and I felt safe knowing that I was joining a gathering of people who were all vaccinated — not to mention, I didn’t have to worry about keeping track of a vulnerable paper handwritten card that doesn’t fit neatly in my wallet.
As the Delta variant spreads in tandem with vaccinated Americans like me starting to resume these kinds of social activities, and particularly as we get ready to travel again, the demand for digital proofs of vaccination is beginning to rise.
So are concerns that a digital record could put Americans’ data at risk and violate HIPAA — the Health Insurance Portability and Accountability Act of 1996, which protects sensitive patient health information from being disclosed without their knowledge or consent.
This issue is of interest to financial professionals, because your own clients could end up having to document their vaccination status when interacting with life and health insurers in this country or when traveling to other countries to resolve financial matters there.
Some states have already launched digital vaccine passes, while others have gone so far as to ban them, citing privacy and equality of access to services. There are broader organizations that are and will continue to include vaccine verification in their authorization services and it’s likely that consumers will increasingly seek to embed vaccination status into applications that afford them access to transportation, border crossings, etc. Today, the disconnected approach is creating many challenges, and additional options from the private sector are also in development.
The disparity of these vaccine passes means people will need to have multiple apps and passes, because they are not interconnected. Further, it gives rise to falsification of credentials, which is already happening in the market, both digitally and on paper. User information needs to be protected, and validation of a credential needs to be considered.