Health IT execs mull fixes on health record privacy

Maureen McKinney writes in Government Health IT:

Health information technology executives this week called for the development and dissemination of a more lucid set of policies on consumer access to health records in order to allay public fears that using a personal health record would put their health privacy at risk.

In a Web conference sponsored by the Agency for Healthcare Research and Quality, Dr. David Lansky, president and chief executive officer at the Pacific Business Group on Health, said that despite public interest in PHRs, security was a major consumer concern that would hinder public participation in the medium.

“Because people believe that they could suffer from insurance discrimination, job discrimination or stigma if something about them becomes known, that anxiety becomes a damper on how the information is shared across the network,” said Lansky, who recently left his post as senior director at the Markle Foundation.

Recent studies by the Markle Foundation demonstrate consumers’ enthusiasm for PHRs, Lansky said. Close to 70 percent of surveyed patients expressed a desire to look for errors in their medical records, and the same percentage said they would use a PHR to check and fill prescriptions. Still, vulnerability of medical information was a significant worry, he said.

The solution, Lansky said, is a clear and concise policy framework for consumer access that addresses issues like whether or not the Health Insurance Portability and Accountability Act applies to PHRs. In addition, elements of the record such as authentication, rules for secondary use and transparency need to be clearly delineated to remove any unease or distrust, he said.

Standards for PHRs are available, according to Dr. John Halamka, chairman of the Healthcare Information Technology Standards Panel, and the chief information officer at Beth Deaconess Israel Medical Center in Boston. Halamka pointed out that a national standard for PHR information exchange does exist in the form of the Continuity of Care Document.

The CCD is a data transmission standard, endorsed by HITSP, which provides a vehicle for applications that gather data from hospitals, laboratories and other sources, Halamka said.

These standards are now part of the requirements for government technology purchases for the Defense and Veterans Affairs departments, Halamka said. “That means we are converging on a single means of data exchange.”

Halamka said he is optimistic that HITSP’s efforts will increase interoperability among stakeholders and new standards will be incorporated into PHRs like those introduced by Google and Dossia.

When a caller posed a question about who would be responsible for policing security for massive PHRs like Google, Halamka admitted there is currently no government watchdog group. Instead, Google has an advisory council, made up of industry experts, who ensure no data mining or advertising occurs. “It’s a start,” he said.

Source – Government Health IT

About the author: Dissent

Comments are closed.