How long before providers take the privacy rap?

I'm sure many of you, like me, are in HIMSS mode right now. So, I'm going to interrupt your packing for the Las Vegas meeting of the Healthcare Information and Management Systems Society for only a minute.

A line jumped out at me from a report by the National Partnership for Women and Families released Wednesday: "Making IT Meaningful: How Consumers Value and Trust Health IT,". It summarized the responses from some 1,900 patients surveyed online by Harris Interactive and was overseen by veteran privacy researcher Alan Westin.

It found that patients are well aware that the current level of privacy and security protections in electronic record-keeping, quite frankly, stinks.

Nearly six out of 10 patients surveyed whose physicians used an EHR and two thirds of those whose physicians used paper records indicated that "widespread adoption of EHR systems will lead to more personal information being lost or stolen," the report said.

In addition, better than half of those patients surveyed "believe the privacy of personal medical records and health information is not well protected by federal and state laws and organizational practices."

"These findings suggest significant uneasiness regarding the privacy and security of electronic systems," the report said.

And this is the line that struck me: "Notably, this issue is not about trusting providers."

It went on to say that, "More than 90% of both paper and EHR respondents trust their doctors to protect health information. Rather, this unease may point to inexperience with the capabilities of electronic systems and dissatisfaction with the legal and policy framework in place to protect health information."

The thought that jumped into my head was this: For how long?

How long do you think it's going to take before patients wise up to the fact that their hospitals and doctors offices leak like sieves and they start blaming both for the sorry state of medical records privacy and security in this country? Of course, there are the data-miners, insurance companies, drug companies and all the others out there in the medical data trade that should and may get tarred by the same brush.

Here's a link to the Wall of Shame at the Office for Civil Rights at HHS. There are now 392 covered entities on the list and a bunch more of their "business associates." To qualify, they had to let slip the records of 500 or more people since September 2009.

They total more than 19 million records.

And that's only the breaches OCR wants you to see. It's hiding the records of at least 30,000 other breaches and has refused multiple requests under the Freedom of Information Act to release them. The OCR's excuse? It's "investigating" the self-reported confessions.

How long do you think providers and federal policymakers are going to skate blame-free as these breaches mount, as leaked data in electronic medical records become fodder for all manner of commercially profitable misuses, such as job and price discrimination?

Let's wait and see, shall we?

Follow Joseph Conn on Twitter: @MHJConn.