Attorney Insights on Elite Data Protection | Flourish Re-Release with Helen Oscislawski
Why It Matters
As data flows accelerate, misaligned regulations and misunderstood privacy practices threaten patient trust and expose health systems to legal and reputational risk, making proactive governance essential.
Key Takeaways
- Instant data liquidity clashes with need for robust privacy safeguards.
- Outdated laws, like 1972 SUD privacy act, lag modern interoperability.
- Information‑blocking rule flips HIPAA, forcing mandatory data sharing.
- Misunderstanding de‑identification leads to legal exposure for providers.
- Consumer health apps sit outside HIPAA, raising new privacy risks.
Summary
The episode revisits the core tension in today’s healthcare transformation—trust. Host Sarah Richardson interviews nationally‑recognized attorney Helen Oscislawski to unpack the "privacy paradox": clinicians and innovators demand instant, frictionless data exchange while patients and regulators insist on iron‑clad safeguards.
Oscislawski highlights three systemic gaps. First, legacy statutes such as the 1972 Substance Use Disorder privacy law have not kept pace with interoperable workflows, prompting calls for privacy‑by‑design and updated legal frameworks. Second, the 2020 information‑blocking rule overturns decades of HIPAA thinking, mandating data sharing unless a specific legal exemption applies, which has spurred confusion and litigation. Third, many organizations misinterpret de‑identification, assuming removal of names equals anonymity, exposing them to compliance risk.
A vivid illustration comes from Oscislawski’s personal experience as a legal proxy for her hospitalized mother, where internal processes failed to honor valid proxy documentation, forcing escalation to legal counsel. She also warns that most consumer health apps—wellness trackers, fertility tools, genetic kits—operate outside HIPAA’s jurisdiction, leaving data subject to varied state privacy laws and commercial exploitation unless users scrutinize terms of service. The pending Cassidy bill aims to extend HIPAA‑level protections to these apps.
The conversation underscores that leaders must embed privacy into technology architecture, refine governance, and stay alert to emerging legislation. CIOs and CISOs should treat data sharing as a trust engine, not a compliance afterthought, and rigorously vet third‑party applications to protect patient rights and avoid costly breaches.