Regarding the recent article “80% of health IT leaders say their systems have been compromised” (ModernHealthcare.com, Aug. 26), the current U.S. health information technology system is engineered to guarantee that health data breaches will occur forever.
Our systems enable millions of “weak links” (people and automated technology services) to access millions of patients' records every day. There are no limits on data collection or who can access the entire nation's most sensitive personal health information. Data security is weak, and there's a huge hidden data broker industry, with no accountability or transparency to governments or individuals (whose personal health information is now held in millions of databases, unknown and inaccessible to the patients).
Millions of employees of covered entities, business associates and subcontractors access, use, disclose, trade and sell the nation's personal health information to some 100,000 health-data suppliers covering three-quarters of a million daily health-data feeds. Without a “culture” of protecting data security, data holders are not required to use gold-standard data security technology or obtain external audits proving they meet tough data-security standards. There also isn't a data map that tracks all flows of our health data, so without control over personal health information, we need a “chain of custody.”