|Don't let your privacy be terminated!|
Control your personal health care privacy. Health care providers are being forced into the world of electronic medical record (EMR) keeping while patients are being left behind in the dust of this rush to the electronic revolution. There is no public or government outcry for the privacy rights of the patient with this move into the world of electronic health information technologies, (HIT). The fact of the matter is that there is no public discourse on how the clients of health the care system are being treated in this rush to HIT. The government has discounted the public while forcing an adherence to electronic media on health care providers without a thought as to how this will affect the most important person in this shift to electronics and that is the patient. Patients have no idea what is being done with their most private personal healthcare records PHR. Physicians give little thought or concern to patient privacy as the government is the author of the new HIPPA 5010 policies. There is little to no consideration given by anyone to the choice of the individual patient as to how or where their records are stored or used.
What most people don’t know is that their most personal health information is being bartered and sold in public domain to the highest bidder without their knowledge or consent. The federal government has passed new regulations for HIPPA that declare your personal health care records can be compiled in lists and sold in clearing houses to the highest bidder for purposes of research. Are you getting that warm fuzzy feeling yet? This is being done in order to control the costs of pushing the health care providers into electronic media. How you may ask? Well let me enlighten you. I will paint this in broad strokes but the threat to your privacy is by no means to be diminished. It is your privacy that is at stake. I don’t know how you feel about your personal health care records but mine are extensive I can see the pitchmen drooling over them right now.
The government in order to break the iron clad federal HIPPA laws have made changes to the HIPPA regulations in order to make a loophole in your right to control your personal health care records. In the first attempt by the government to control dissemination of your personal health care records there was an outcry among federal employees about privacy concerns as the government wanted to de-identify all federally insured workers medical records with the 4010A1 HIPPA law. This law meant that their medical records could be exported to clearing houses for research. The Fed’s halted implementation of 4010A1 which outlined eight steps required for de-indentifying personal health care records. They went back and reassessed the concerns of the employees and came up with new de-identification guidelines with HIPPA 5010 which outlined eighteen guidelines for de-identification of your personal health care records. However, the new guidelines do not guarantee that your personal health care records will remain 100% private.
The conclusion of a study done by John Hopkins Medical Institution was that “a major flaw in the current de-identification models is their failure to prevent re-identification by inference.” The “Godelization of pathology database: re-identification by inference” is a mathematical equation that calculates the probability of your personal health care records being re-identified. This study demonstrated that a patient’s medical records are not 100% secure under the HIPPA 5010 guidelines.
The problem for both patients and health care providers in today’s world of electronic information are costs, privacy, transparency and control. The reality is that not only do health care providers have to come to terms with the new reality of electronic charting and record keeping but the patients as well need to evolve into using this new media. Patients should not be surprised to learn what happens to their health information. If patients would be surprised doctors better get their consent. Transparency by providers goes a long way to enable consent. There are also trigger events that would indicate the need for “meaningful” consent from a consumer, such as a third party or some exchanges that collect and combine information in a database for use by others. Consumers should be able to understand how their information is used. While on the health care provider side of this equation the costs have diminished there is no process in place for the patient to have equal control of their PHR.
In the next blog I will discuss privacy choices for your personal health care information. What can you stop and what can’t you stop?