Author: Brianna Gardner

This week, the United States Surgeon General issued an advisory, urging more Americans to begin carrying the opioid overdose-reversing drug, naloxone. The last time the Surgeon General issued such an advisory to the American public was more than a decade ago, focusing on the hazards of alcohol consumption during pregnancy—perhaps a signal that the opioid crisis is worse than the public recognizes.

Narcan, one of the more popular brand name drugs, temporarily reduces the effects of an opioid overdose and can restore normal breathing to a person suspected to have overdosed. It comes in the form of a nasal spray, making it simple for untrained users to administer. Now, Narcan is widely available in pharmacies across the United States, including CVS and Walgreens. Though only some states permit the sale of Narcan over-the-counter, most now even permit family members of drug users to receive Narcan without a prescription at pharmacies.

As nearly 91 Americans die each day from an opioid overdose, President Donald Trump has declared the opioid crisis a public health emergency. However, the widespread availability of Narcan, especially in states where it is available over-the-counter, presents interesting legal questions. Access to Narcan was limited until state legislatures provided specific statutory protections for nonmedical personnel to possess and administer the drug to persons suspected of an overdose. This practice, called “third party prescribing,” permits physicians and medical personnel to dispense Narcan, or other similar drugs, to a person other than the one at risk for overdose.

As regulation of the medical profession typically falls to the states themselves, a physician generally can legally prescribe a drug to his patient when it is (1) in good faith, (2) in the usual course of professional practice, and (3) for a legitimate medical purpose. Nevertheless, in the absence of federal action to combat the opioid crisis, states have enacted legislation that increases access to these potentially life-saving opioid overdose-reducing drugs. Such legislation reduces liability for the prescribers, dispensers, and administrators, thereby attempting to increase the availability to Narcan to affected consumers who may fear the stigma of requesting their own prescription, or who may lack the funds or health insurance to access Narcan themselves. Fortunately, the drug has no abuse potential, but still requires individuals to seek medical attention immediately following the administration of the drug. Since Narcan is only a temporary solution, the symptoms of an overdose may return and require immediate medical attention.

As more states attempt to reconcile with the widespread opioid epidemic, the federal government needs to take a firmer stand. By enacting federal legislation to provide Narcan and similar drugs over-the-counter, the government can increase the availability of the drug and prevent opioid-related deaths. The federal government can also permit community distribution, which often involves supplying the drugs to addicts without cost, as well as require federal assistance programs to cover the costs of Narcan. Overall, the number of synthetic opioid-related deaths has reached 200,000, and the federal government must act to combat this epidemic—sooner rather than later.

This week, Apple announced that it will now allow users to download and view portions of their medical records on their Apple products. This function will become a part of Apple’s Health app, and now enables consumers to transfer clinical data from their health care providers to their iPhones. This tool will allow for “easier sharing across multiple providers,” meaning that users will be able to bring their medical records with them in the event of switching doctors or moving, rather than going through the process of getting their records faxed or sent by the office itself. However, the risk to consumers may be substantial. By having a considerable amount of protected health information (PHI) on a mobile device or wearable technology, it exposes the consumer to the potential risk of hacking and theft.

While this feature has just begun beta testing, with some high-profile medical institutions among the first to provide access to their patients, the introduction of this feature leaves open some important questions regarding the Health Insurance Portability and Accountability Act (HIPAA).

Although HIPAA does not act as a general medical privacy law, HIPAA standardizes the privacy of health information in the United States by creating baseline protections for health information. The privacy rule, promulgated by the Department of Health and Human Services, focuses on HIPAA in its relation to “covered entities” and “business associates.” In doing so, the rule created a loophole that seems to be growing steadily as more and more of the population engages with websites, phone applications, and wearable technology that collects and stores health information, known as “non-HIPAA” health data.

As most of this health data falls outside of the scope of HIPAA’s protection, there is a serious question as to if, and how, this data should be regulated and protected. While Apple stated that it will not be able to view users’ medical data, which is encrypted, accessible only with the users’ password, and stored locally on the iPhone, users are also given the option to share such data with the company.

While the Apple was initially reluctant to consider the potentiality for HIPAA privacy and security issues, the tech giant has signaled, by seeking and retaining “Privacy Counsel” focused on HIPAA and health, that they are taking the issue of health privacy and security seriously. Recently, CEO Tim Cook stated that “the holy grail of the watch is being able to monitor more and more of what’s going on in the body.” As the Apple Watch itself has been held out to be and adopted as a “health monitoring device,” with 80 percent of its consumers utilizing the health and fitness tracking function, it becomes even more important for Apple to consider adopting a HIPAA-compliant system to protect the plethora of data collected by such devices.

As a recent report issued by the Obama White House demonstrated, “big data analytics” wield the potential to undermine established civil rights protections in how personal information is used in housing, credit, employment, health, education, and the marketplace. With implications such as these, one has to wonder what the next steps will be in addressing the proliferation of non-HIPAA data.