As the nation gears up for the mass digitization of personal health information, patients ought to have a right to know exactly who accesses their records, and that those who gain unauthorized access will be held accountable for violations, a leading health-information technology group says.
Privacy and security are among the top points outlined in a new Health Information Bill of Rights for patients being promoted by the Chicago-based American Health Information Management Association. The seven-point platform is offered as a model to encourage providers to give strict protections to personal health information and to assuage patients’ fears about information security by increasing transparency.
Providers across the country are preparing to install or improve their electronic health-record systems just as consumers are hearing reports about an increasing number of abuses of access, accuracy, privacy and security by providers. Such incidents violate “the most basic rights of individuals, whose trust has been betrayed and dignity compromised,” AHIMA President Vera Rulon said in a news release.
The Health Information Bill of Rights, which is designed to be posted in hospitals and carried in wallet-sized cards, seeks to advance several ideas: patients ought to have free access to their records, even during treatment, including knowing who has accessed their records; health records should be accurate and protected by a national standard for data security; providers should be held accountable for violating privacy and security laws and policies; and patients ought to have a private right of action to bring lawsuits if a security breach of their health information causes harm.