Don't pay for unnecessary snakes: A case study

Emmi Bane (Emmi@weconnectrecovery.com) is Chief Compliance, Ethics and Privacy Officer at WEconnect in Seattle, WA.

I am, primarily, a medical ethicist whose focus is on the ethical collection, storage, and downstream policy governing large genetic research banks. I specialize in data governance and data privacy and policy. The female-founded company I work for makes a mobile application that connects individuals who are recovering from substance abuse and addiction to their support and accountability network. The application was designed by, and with input from, primary community stakeholders.

I began working with my company originally in the capacity of a medical ethicist to create and implement policy. Initially our only operational documents were a skeleton privacy policy and a document outlining terms of service, which was vague.

Our company, like many new health information technology organizations, operates in a regulatory gray area. We do not provide healthcare. We are not a medical service. We do not receive federal funding, nor did we, at the outset, work with any entity that did. We did, however, recognize that the information that people provided us with was at best sensitive, and that we had a real obligation to respect and secure it at every point in the process. The founders were responsive to the privacy concerns and questions from the community, and they wanted to design their privacy policies and practices to reflect the highest standard of security, confidentiality, and respect for the community.

This document is only available to members. Please log in or become a member.
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field