Going Beyond HIPAA to Protect Health Data Privacy Compliance HealthInfoSec) • April 16, 2021 15 Minutes Twitter Andrew Crawford, policy counsel at the Center for Democracy and Technology A proposed privacy framework from the advocacy groups the eHealth Initiative & Foundation and the Center for Democracy and Technology aims to set standards for the collection, disclosure and use of health data that falls outside the protection of HIPAA, says attorney Andrew Crawford of CDT. That data ranges from personal information collected from smartwatches and fitness tracking apps to geolocation information and content from websites related to health, he says. "What we've tried to do is identify data sets that are as equally sensitive [as protected health information under HIPAA], but are housed, held and used outside HIPAA's rather strict definition," he says.