Digitized Health Records Need Security Software, New Privacy Laws, Conference Told
Digitized health records need tight security controls to fend off hackers -- and laws to keep legitimate entities from inappropriately selling or sharing data, the E-Gov Institute Health IT conference heard in Washington Thurs. Security pros can do “a pretty good job” safeguarding data “but I don’t think we can be perfect,” said John Richardson, Intel Digital Health Group dir.-privacy & security policy: “Technology can implement the policies we put in place, but unless we have those policies the technology is pretty useless.”
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Richardson’s group works on Dossia, a fledgling personal health record (PHR) network for employees sponsored by an “employer-sponsored consortium” of Wal-Mart, Pitney Bowes, BP and others. “The key is that if we're going to have our employees use it, we've got to put the [security] bar really high,” he said: “It’s got to be private… personal… and portable.” Dossia isn’t “the medical record… it’s sort of the employee’s copy.” Data flow from health care providers, hospital, the employee and others. Richardson stressed that “We don’t want access as employers. Most of the data lives at the source and you pull it together when you're trying to do something with it.” The group is struggling with “how to manage consent” and when to “break the glass” on security in case of emergency when a patient can’t consent, he said: “Getting some of these healthcare concepts baked into what we're going to do is key.”
Patient Privacy Rights Foundation Chmn. Deborah Peel agreed that “you can’t have privacy and confidentiality if you don’t have good security.” But while Peel said she’s “very pro health IT,” she doesn’t approve of Dossia: PHRs “are the new battlefield for privacy and are “unsafe at any speed so far,” she said: “It’s crazy to get a PHR and I can say that, I'm a psychiatrist.” Dossia “is giving you promises and it isn’t the same thing as legal protection. We want legal protection” from data brokers and others who buy and sell patient data, she said. Peel was on Capitol Hill Wed. speaking on several health IT bills (WID June 14 p1) and said she approved of Rep. Moore’s (D-Kan.) Independent Health Record Trust Act, which would create a PHR bank held by a 3rd party but governed solely by consumers: “We do need a safe place to keep our medical records. We don’t want them kept with insurers, financial institutions or employers,” she said: “The ‘bank’ is an agent of yours and will do nothing without your consent.” “This really is a critical window for our nation,” Peel said: “We should use this opportunity to take back privacy in the electronic realm.” - Alexis Fabbri
E-Gov Health IT conference notebook…
Health information technology (IT) bills probably will take a back seat to more pressing funding priorities, said Jefferson Consulting Group Pres. Julia Susman. “There’s a lot of talk in Congress about how important it is, but when you look at the funding it really isn’t there,” she said: “There’s so much more that has to be going on in the states and local communities because help isn’t necessarily coming from the federal government.” The Iraq war and other needs are taking priority but there is some overlap, she said. Veterans of Iraq are returning with injuries and disabilities more devastating than in the past, driving a need for health IT at Dept. of Veterans Affairs, she said: “If you want to be able to capture and identify a trend to be able to prevent” such conditions, “having a digitized record is essential and it seems very basic, but it doesn’t happen.” Christine Bechtel, eHealth Initiative Vp-public policy & govt. relations agreed that “it’s a tough environment” but “there is some opportunity for committees other than the standard ones” to move on health IT, she said. She noted that health plans including IT are on the agendas of presidential candidates, including Sen. Obama (D-Ill.), John Edwards and Sen. Clinton (D-N.Y.). States have issued 20 executive orders related to health IT the past 2 years, with 121 health IT bills introduced in 38 states, she said. States look to technology to save money and expand coverage for the uninsured, said Kathleen Nolan, National Governors Assn. dir.-health division.