Health Data Privacy in the Age of Big Data- Lessons from HIPAA and Dinerstein v Google

This presentation examines the Health Insurance Portability and Accountability Act (HIPAA)’s role in safeguarding health data privacy and its limitations in addressing challenges posed by big data. As data collection expands to include fitness trackers, wellness apps, and technology platforms, many entities and data types fall outside HIPAA’s scope, raising key questions about data privacy and responsible use. The session also explores the Dinerstein v. Google case, focusing on the legal and practical implications of hospitals sharing electronic health record data with technology companies. Drawing lessons from this case, it offers practical insights for hospitals, physicians, researchers, and policymakers on navigating data-sharing partnerships and addressing privacy concerns.

Sara Gerke is an Associate Professor of Law and Richard W. & Marie L. Corman Scholar at the University of Illinois College of Law. Her current research focuses on the ethical and legal challenges of artificial intelligence and big data for health care and health law in the United States and Europe.  

Professor Gerke is leading several research projects funded by the NIH and the European Union. She has more than 60 publications in health law and bioethics, especially AI and digital health. Her work has appeared in leading law, medical, scientific and bioethics journals, including JAMA, Science, and Nature Medicine. 

Before joining Illinois, she was an Assistant Professor of Law at Penn State Dickinson Law and was promoted early to Associate Professor of Law in 2024. Previously, she served as a Research Fellow in Medicine, Artificial Intelligence, and Law at the Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics at Harvard Law School, where she oversaw the day-to-day work of the Project on Precision Medicine, Artificial Intelligence, and the Law (PMAIL).