Here's a thought. When it comes to privacy and security, all patient information is equal.
This isn't a new idea, of course.
I have a copy of the Oath of Hippocrates on my wall. It says, “Whatever … I may see or hear … which ought not be spoken abroad I will not divulge, as reckoning that all such should be kept secret.”
In the U.S., however, that's all Greek to the feds and many states. They have created legal gradations of health information sensitivity. Patient information about mental health, drug and alcohol abuse treatment and HIV/AIDs, for example, is earmarked for special treatment, particularly when it comes to health information exchange.
Typically, U.S. laws specifically require patient consent before “sensitive” information can be shared, even between doctors and hospitals, whereas, under the 2002 HHS-revised HIPAA privacy rule, patient consent is no longer required for most data sharing of other health data types.
So, it was refreshing to visit with Dr. David Levin last week at a health IT leadership forum here in Chicago hosted by Microsoft.
“I'm a little bit of a contrarian,” said Levin, a board certified family practitioner and full-fledged geek doc. He is the chief medical information officer at the Cleveland Clinic.
Read more »
Permalink | Post a Comment
Sometime before the end of March, the Office of the National Coordinator for Health Information Technology will be releasing new tools to help providers wanting to digitize the process of obtaining patient consent before releasing their medical records to regional or statewide health information exchanges.
The tools, developed in a pilot project in western New York, include educational videos that can be shown to patients on tablet computers, which also run software that enables patients to digitally record their consent (or not). The videos were developed following a random survey of western New Yorkers and several focus group meetings, with the aim of ascertaining what patients might want to know before they commit to making their electronic records available to the exchange.
Read more »
Permalink | Post a Comment
I want to say something quickly about outsourcing mobile app development.
At the Health 2.0 conference this week in San Francisco, HHS and the Advisory Board Co. announced the winners of their competitions for apps using the Blue Button technology developed by the U.S. Veterans Affairs Department.
Read more »
Permalink | Post a Comment
This year, it seems, the Healthcare Information and Management Systems Society is taking a more subtle approach to lobbying for privacy and security regulation.
During its annual Health IT Week lobbying push earlier this month, HIMSS presented just three "asks" to Congress. Two dealt with privacy and security issues.
One asked legislators to study patient identification. A two-page letter from HIMSS spent a lot of verbiage discussing the history of a national patient identifier and how Congress has, since 1999, banned federal funds from being used to "promulgate or adopt" one.
Nonetheless, HIMSS is looking for wiggle room.
Its statement pondered whether studying a patient identifier is verboten, then postulated that a "lack of clear congressional intent . . . poses a huge impediment to the optimal adoption of health information exchange."
That's a slight softening of focus. In 2006, HIMSS and another organization it helped create, the National Alliance for Health Information Technology, pushed for a national patient identifier.
In another "ask" this year, HIMSS is lobbying Congress to support "harmonization" of federal and state privacy laws—again, an apparent softening of its position.
Read more »
Permalink | Post a Comment
Personal health records and health record banks are nothing new.
Then again, neither are data breaches, consumer surveys saying people want their privacy rights respected and provider surveys indicating, within limits, that they'd like to respect their patients' privacy desires.
Read more »
Permalink | Post a Comment
