Senator Cassidy Unveils New Privacy Standards for Health Apps
Washington, Thursday, 27 November 2025.
The Health Information Privacy Reform Act (HIPRA), introduced by Senator Cassidy, aims to regulate consumer health apps, ensuring privacy and data protection similar to HIPAA.
A New Era for Health Data Privacy
The introduction of the Health Information Privacy Reform Act (HIPRA) by Senator Bill Cassidy marks a significant shift in the regulation of consumer health data. Unlike the Health Insurance Portability and Accountability Act (HIPAA), which primarily regulates healthcare providers, payers, and clearinghouses, HIPRA extends its reach to encompass consumer health apps and wearable technology. This legislative effort aims to address privacy concerns as digital health technologies become more integrated into everyday life [1].
Key Provisions of HIPRA
HIPRA includes several pivotal provisions designed to enhance consumer privacy, such as granting users the right to access, modify, or delete their health information from apps and wearables. This is a departure from HIPAA, which does not currently offer a right to deletion. The Act also mandates that the Department of Health and Human Services (HHS) and the Federal Trade Commission (FTC) develop privacy and security rules that align with HIPAA standards, thereby setting a federal baseline for the protection of health-related data collected outside traditional medical settings [1][2].
Implications for Health App Developers
Health app developers and wearable technology companies will need to adapt to the new requirements set by HIPRA. The legislation defines ‘regulated entities’ as owners of health apps or devices and ‘service providers’ as vendors processing health-related data. This classification requires companies to ensure that data collected through these technologies is both secure and used with consumer consent. The emphasis on transparency and consent-based data use highlights the evolving expectations for digital health platforms [2][3].
The Need for Modernized Health Data Regulations
As health technology continues to evolve, the need for updated regulations becomes increasingly apparent. The proliferation of smartwatches and health apps has transformed how individuals manage their health, but it has also raised new privacy concerns. By introducing HIPRA, Senator Cassidy seeks to bridge the regulatory gap in health data privacy, ensuring that consumer data is protected in the digital age. This legislation reflects a broader trend towards enhancing data security and consumer trust in health technology [1][3].