Lucia Savage

Portrait of Lucia Savage

Lucia Savage, J.D. is Chief Privacy & Regulatory Officer at Omada Health, expertise at the intersection of HealthIT, Privacy, and Policy. With more than two decades of experience in employee benefits and healthcare, Lucia is a well-known expert on privacy, Health Information Technology, healthcare transparency and performance measurement, quality improvement, health information exchange, employer health insurance exchanges and ERISA healthcare benefits.

Lucia Savage's Latest Blog Posts

New at Health Datapalooza 2016: A Day Devoted to Privacy and Security

Lucia Savage | April 28, 2016

For many years now, health IT developers, consumer advocates, and representatives from U.S and international governments have converged on Washington D.C. each spring for Health Datapalooza. This national conference brings together the companies, startups, academics, government agencies, and individual innovators working on the newest and most effective uses of health data to improve patient outcomes. Over the years, as interest in the event and the exciting opportunities to leverage health information has grown, so has interest in ensuring appropriate privacy and security safeguards and enabling consumer access to their health information — not just in the United States but worldwide.

Read Full Post.

Keeping Consumers in the Know: Help Us Update the Model Privacy Notice

Lucia Savage | February 26, 2016

As ever more sophisticated retail health technology – like exercise trackers, wearable health technologies, or mobile applications that help individuals monitor various body measurements – comes into widespread use, it is increasingly important for consumers to be aware of companies’ privacy and security policies, including data sharing practices.

Read Full Post.

The Real HIPAA: Quality Assessment/Quality Improvement and Population-Based Activities Examples

Lucia Savage | February 25, 2016

Welcome to the fourth and final blog post in our series on how HIPAA supports interoperability. In the previous installments, we provided practical examples and illustrations that show how Health Care Operations Permitted Uses and Disclosures apply to covered entities. In this post, we pick up where we left off and provide examples of how HIPAA supports exchange of electronic health information for Quality Assessment/Quality Improvement and Population-Based Activities.

Read Full Post.

The Real HIPAA: Care Coordination, Care Planning, and Case Management Examples

Lucia Savage | February 18, 2016

Welcome to the third blog post in our series. Blog #2 discussed how HIPAA supports interoperability, and discussed definitions of Treatment and Health Care Operations-functions for which HIPAA supports electronic exchange of health information. This blog post gives additional practical examples of exchange for Treatment and exchange for Health Care Operations. Let’s jump right in.

Read Full Post.

The Real HIPAA: Permitted Uses and Disclosures

Lucia Savage | February 11, 2016

Welcome to the second blog in our series on how HIPAA supports exchange of electronic health information for patient care and health. This blog post summarizes the new ONC fact sheets on HIPAA Permitted Uses and Disclosures for exchange (Treatment and Health Care Operations), developed in conjunction with the Office for Civil Rights. This installment answers the questions: What are HIPAA Permitted Uses and Disclosures?

Read Full Post.