Policymakers in Washington are going to take a second look at two areas that are vital to the nation’s effort to convert to electronic health records: the proposed national health information network and patient privacy.
Network, privacy revisited
Blumenthal eyes national policy for IT security
David Blumenthal, head of HHS’ Office of the National Coordinator for Health Information Technology, last week told an advisory panel that they need to step back and take a second look at both. He said his office is required under the American Recovery and Reinvestment Act of 2009, also known as the stimulus law, to update the nation’s official IT plan, under “different circumstances.”
Since the plan was introduced, there’s a new president and the stimulus law was passed, bringing with it an expected $34 billion in health IT spending and new laws regarding privacy and security.
“Appropriately,” Blumenthal said of the national health IT plan, “I think it needs to be revisited,” speaking before the HIT Policy Committee. In the past, he said, the NHIN “has been conceived as a network of networks. We are thinking about whether that model is exactly the right model.”
Paul Tang, chief medical information officer of the Palo Alto (Calif.) Medical Center, and vice chairman of the HIT Policy Committee, said he was “influenced” by what Latanya Sweeney, a professor of computer science, technology and policy at Carnegie Mellon University, said at an HIT Policy Committee hearing on privacy on Sept. 18. “We need to define what the architecture should look like.”
Blumenthal said the ONC has been “working intensively on NHIN options” and would like to present them to a work group and the full HIT Policy Committee.
Another proposal offered by Blumenthal is to create an overarching national policy for health information privacy and security. “The need became clear to me when we were talking about privacy and security,” at the September. hearing. “We realized,” Blumenthal said, the nation hadn’t “had a set of principles that make sense. We have decided it would be helpful to have a privacy and security work group.”
One of the witnesses present at the meeting said the stimulus law needs work as far as privacy is concerned. Robert Gellman, a Washington-based lawyer and expert on medical identity theft, said the law leaves “a huge loophole” for healthcare worker snooping and medical identity theft by not similarly requiring a computerized accounting of users of medical records.
This comes at a time when groups in the industry—including the American Hospital Association—are pushing to keep the stimulus law rule interpretations concerning privacy as they are (See story, below).
Send us a letter
Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.