Consumers Need All of the Facts in the Privacy Debate

The economic stimulus package that President Obama has signed contains upwards of $20 billion to create electronic health records for most Americans within five years. The president has been very outspoken in his belief that EHRs are essential to health care reform and that the subsequent savings they’ll generate will help to strengthen the larger overall economy.

Whenever the subject of proliferating EHRs catches the national spotlight, you can bet that debates about privacy aren’t far behind. Indeed the privacy issue has already started to gain some traction in the media. In this video clip, CNN’s Campbell Brown and Elizabeth Cohen examine how easy it is for someone to obtain private medical information online by simply using someone’s Social Security number and date of birth.

While this assessment may be accurate, it’s a bit light on the fairness
scale. Brown and Cohen only make a very brief mention of facts like
President Obama’s plan to appoint a chief privacy officer and to
implement unprecedented privacy controls to safeguard the EHR
transformation. Instead they emphasize the more sensational angle
implying that electronic health information just isn’t safe. They also
seem to downplay the fact that a simple thing like creating a password
can protect one’s private information.

I suspect the privacy issue is going to reach a crescendo in the coming months, and it’s very important that Americans have all of the facts. There are unfortunately people in the world who are going to try to illegally obtain and misuse private health information. But that doesn’t mean we should just write off EHRs as a bad idea. We simply need to be vigilant and proactive in incorporating the highest security measures into the planning process — which the president has done. To borrow an analogy from a close colleague: we don’t stop building roads because some people drive drunk. We punish the drunk drivers and continue building roads because of the tremendous benefits they bring to the rest of our law-abiding society. There is too much at stake for the health care system and the nation’s economy to allow over-dramatized and misperceived weaknesses in EHR security to thwart progress.

Additionally, to make the privacy debate a fair one we must ask what’s more dangerous: the potential misuse of information or simply not using information at all? Should we put the privacy of an overwhelming minority of people ahead of safer, more efficient, more affordable and potentially life-saving health care for the overwhelming majority? In reality, the only people who stand to be harmed by an unlikelyEMR privacy breach are celebrities and other high profile individuals. Even if someone were to gain access to the average person’s health information, there isn’t much they could do with it, other than cause that person some personal embarrassment. In a very real sense, the question then becomes whether we value the privacy of information more than its potential to help us lead healthier lives.

Without question we must make ensuring privacy a top priority in any plans to implement EHRs. I’m confident that the Obama plan does so and, in fact, I think we’ll see even stronger controls than we may have previously imagined. No EHR is going to come with guaranteed safety, but I would argue that the risk level is the same or less than that associated with online retail and banking transactions. The public needs to understand this. It is up to those of us in the industry to ensure that the facts are clear and readily available. Hopefully the media will choose to report all of them so that Americans can form opinions based on complete information.

David St. Clair founded MEDecision, a leading provider of collaborative health care management solutions, in 1988 and has served as the chief executive officer since 1988. You can learn more about MEDecision at www.MEDecision.com, and contact David at david.stclair@MEDecision.com.

Categories: Uncategorized

Tagged as: ,

14 replies »

  1. I think that Privacy is important and we should give more consideration in the patient viewing their own records. The legislative and professional staff have exceedingly excluded the patient from viewing their own records.Although, their is control of employers regarding discriminatory Practices. It has done little to address the peer view of insurance Companies, third Parties and institutions.
    Most patients don’t have a clue who is viewing their personal information.Reports of activity should be mailed to the patient as to whom was involved and date of activity. I believe that patients should have the right to (read only) their records and challenge the accurateness of that record(with amended comments) to prevent medical errors. I also believe that a patient should be able to copy their reports free of charge.
    I also believe that the surviving spouse should be granted access to Hospital reports on the belated spouse without paying ridiculous copying fees.
    Patients have been left in the dark for too long with arbitrary actions made by the Health Profession. HIPPA has placed patients and the families far removed from the facts and often use these Laws to maintain obscurity.HIPPA has managed to exclude patients from the process of engagement and understanding.
    To summarize, we need to find ways that allows patients to contribute to their own Care. No one knows the Patient as well as the Patient and the spouse. Often time Patients forget Doctors instructions or may be confused of what was told.Having access to a referenced DR’s order would in many ways would be very Helpful.
    Thanks for listening

  2. For the past 20 years, I have kept my own medical records and I believe that everyone has ultimate ownership of responsibility for records and data pertaining to one’s healthcare. There are minor exceptions allowed by HIPAA. I have done this to minimize duplicate tests, the lack of communication between clinics and pharmacies, to inform new physicians with whom I consult about my health, and to inform Emergency Services clinicians. Concurrently, I established medical records, especially prescription medicines and lab tests, for persons for whom I have managed their care. Not as a provider, I empower people to be active participants in their healthcare, mostly during life-threatening illness such as cancer and auto-immune deficiencies.
    Among the healthcare providers I consider to be the best for overall healthcare treatment, prevention education and respect for those receiving care are 1) the Veterans Health Services and 2) Italy’s national health plan.
    What I view as key flaws in the US health care paradigm include: 1. No one identifies the consumer or consumers. The direct-to-consumer advertising by Big Pharma wastes money that could allow for lower retail prices. In an employer-based system, the customers are the employers, not the employees. 2. There are few constraints on market forces–supply, demand, profit, investments and earnings. 3. The professional providers: physicians, nurses, technicians, pharmacists, and administrators, form guilds within their chosen fields. In our military hospitals and clinics, there is a defined hierarchy and where one is in that hierarchy is visible because of rank emblems. In a community or private hospital, the turf wars among the professional clinicians and between the administrators waste time, inhibit information exchange and collaboration, and increase the risks of inadequent treatment, errors in medicines and time limits for face-to-face caregiving imposed by financial constraints rather than care requirements.
    Even in the current Administration’s effort to reform US healthcare, the patient is not identified as the primary stakeholder. Indeed, the origin of our term ‘patient’ means passivity, deference to another’s authority and decisions. If the markers of the need to reform healthcare access and use in the United States are not patient-based, then how can the users, the people, express what our expectations are?
    To what extent does the phrase in the Declaration of Independence “unalienable [sic.] right to Life, Liberty and the Pursuit of Happiness” establish entitlements for maintaining good health? These are questions any federal task force needs to answer to understand the Problem. To date, everyone seems focused on the Solution. Without concensus on the problem or on the qualitive goal of our healthcare policy, there is virtually no chance of consensus on how the US can articulate how we will reform how we attain that policy goal.

  3. I enjoy the position of being involved in HIT, clinical and claims data, *and* being one of the afore-mentioned hackers. Please distinguish hacker from malicious hacker or “cracker”. The term “hacker” has no negative connotation in the community.
    That said, I’d like to promise you all this:
    When we’re done, your health information will be as private and secure as your credit card information.
    It will flow across secured networks using portions of the public Internet. It will be covered by copious security policies, all well-intentioned, and few implemented fully.
    It will be accessible to you, the patient, electronically. A vague audit trail will also be available.
    People who have access to this data – doctors, nurses, covered entities, HMOs, government workers, will store it on their laptops. Their thumb drives. Some will have identifiable data. Some will have deidentified. Some will have patient-level data, some will have aggregated.
    Some of them will have their laptop stolen, forget it at the airport, lose their thumb drive. Some will just take it because they can sell it to some guy in Romania.
    Third parties will make decisions about you based on your unique profile. Some of these decision will help you, such as reminding you to go get that mammogram. Some will hurt you, because you, like me, have not yet fully quit smoking.
    All the above is going to happen. You have no say in it. It’s begun, it’s overdue, and it will be as imperfect a system as the current one, but with more detailed history of its imperfections.
    It will surface new ways to practice medicine, and many of them will be for the collective good. It will surface new ways to lower cost, and many of them will be for the collective good.
    You will be as secure in the safety of your medical data as you currently are with your credit data. You all punch your PIN in to the supermarket checkout machine while 15 people watch you. Right?
    The government does not have your credit history any more than I have your credit history. The government may have your health score, the same way it can access your credit score. Or your landlord, or your employer, or your private detective.
    You will have no more and no less security than with any other confidential information you currently manage, such as your Web site password for your online broker or your online checking account, the credit card bill you throw away unshredded, your mother’s maiden name.
    I don’t hear any of you cutting up your credit cards.
    I am not a doctor, a health provider, nor a policy maker. I am merely a tech-savvy consumer who happens to build health report cards using what little data is available to me. If nothing else, I look forward to the day I can actively score the use of evidence based medicine using clinical data delivered deidentified. That and I’d like to know what my last test result were, even if they were a couple years ago.
    This is a non-conversation, and allowing the world and their mother to have a say in the indisputably inevitable is merely costing more money and wasting more time. HIPAA already covers who can see what when; properly implemented using standards-based EHR software is already happening, and will continue to happen.
    The sooner we build it, the sooner we can start making it better day by day.

  4. Dr Sucher wins 2 thread prizes: most concise post, & wisest. At present “healthcare privacy” is a wraith, a boogeyman, & like most boogeymen, it is foisted upon the innocent by people, by institutions, that would retain power over them. The unknown deserves respect, but rarely fear.

  5. I prefer to facilitate the move to EHR’s. We can’t have any real health reform without more HIT and saner forms of rationing. National efforts have largely failed primarily because policies have been hostile to the small practices where most patients receive care. I am eager to see evidence that shows support for the planned road maps to security and interoperability (i.e. by more than just a subset of a minority of the community). Otherwise, the American efforts will fail just as they have in the U.K.
    Theoretical business models and ROI analyses will be a hard sell to most practices because they have either been severely burned in the past or know someone who has been.

  6. To answer your question Randall Oates, there is the business model out there for practices to implement EMRs using the current HITSP AND cut overhead through stream line medical billing. Rather than thinking “can the average practice afford to convert to EMRs?” it will be, “who can afford not to?”.

  7. Massive amounts of health care data is already available in electronic formats in databases ranging from insurance and government claims systems to hospital records systems. One may construct a very accurate patient record using just claims info, especially if you add in lab data as attached files with the claims submissions. Claims-based EHRs are actually fairly common these days in both the private sector (look at Availity) and even within some state Medicaid programs. The abuses that some people worry about are already possible with the information that is already collected and stored. EHRs are not something that is “coming”; the reality is that they are already here. It is just that what is, in reality, EHR-type health info is currently maintained by payers and we all still think of it as “claims data”.
    The irony is that the people who often don’t have ready access to the health care information that is already collected on them are patients and the doctors treating them.

  8. I think there are three separate concerns that tend to be lumped together when people start debating the privacy of electronic health records, and we need to address all three to convince the doubtful that EHRs can keep patient data secure. The first concern is that of hackers independent of a practice or medical institution somehow accessing patient data care for malicious purposes. The chances of a hacker accessing Internet-based EHRs and client server-based EHRs that don’t transmit their patient data across the public forum of the Web are miniscule (note that the security differences between Internet-based and Web-based applications are not known by many people, who tend to lump the two technologies together; see http://www.nuesoft.com/evolve to understand the difference). If Obama’s administration sets some minimum security standards relating to interoperability and the way that EHRs transmit data, patient information will quite literally be as secure as data held by the Federal Reserve or Defense Department.
    The second privacy concern is that people within the practice or medical institution, whether a care provider or support staff, may access patient records needlessly out of curiosity (most likely with celebrities). However, electronic health records make this type of security breach less likely, not more likely; different permissions levels for different users and the “audit trail” in place on robust EHRs make records more secure than paper records.
    Finally, there’s a worry that, as Rob outlines above, health information will be shared with companies against our wishes. Although EHRs make data easier to transmit, this is not really a concern about implementing EHRs; it’s a concern about federal regulations – and the ethical standards of the health care industry. Choosing to not store patient data electronically won’t prevent changes in privacy regulations, although it might stunt progress in health care.

  9. I disagree with the statement “Even if someone were to gain access to the average person’s health information, there isn’t much they could do with it, other than cause that person some personal embarrassment”. This information, made public, could be used to discriminate against people (hiring, credit, insurance, etc.)
    Nearly every day you hear more about security breaches in companies that have implemented “security”. I believe that the real problem is the tremendous administrative overhead. Insurance companies should have to pay for all health claims. They should only be allowed to look for fraudulent/abusive claims. Imagine all of the money saved by eliminating referels, pre-approvals, etc.

  10. What evidence has been collected that a typical practice (i.e. those with 1 to 3 physicians) are willing to implement the security and privacy constructs as defined by HITSP?
    Has there been any analysis as to what the typical costs would be?
    What evaluation has been done to determine what percentage of typical practices would be willing to purchase such systems?

  11. As someone who is directly involved with healthcare privacy and security — in HL7, HITSP, and CCHIT — it’s very clear that we already have the technology standards and processes necessary to enforce privacy policies. We don’t need more technology. We need what we have defined to be widely implemented.
    One key problem is the lack of coherent policies. We have a crazy quilt of overlapping and sometimes conflicting rules among the states and too-vague Federal policies. The policy constructs for healthcare consumer data-disclosure consents are immature. We need to correct the regulatory policy logjam. Then we will have better privacy for all.
    Almost paradoxically, the prohibition on having a national unique identifier for healthcare increases the risk for privacy violations. Without a unique identifier healthcare providers who want to locate a patient’s records must look-up a list of possible matches based on name, birthdate, etc. This lookup produces a list of many possible matches, exposing each to privacy breaches. A unique identifier will enable privacy protections to be applied more precisely.
    Another problem is the lack of implementation. While HISTP and CCHIT provide a template, some vendors are still unprepared for interoperability when it comes to security protections. This creates a patchwork of mismatched systems and opens opportunities for hackers. We need to strongly encourage IT vendors to conform with HITSP’s security and privacy constructs sooner rather than later.

  12. As a patient, I’m concerned that any personal information, once aggregated, can be used to judge me in absentia. The problem isn’t with data collection; it’s with judging people with a narrow, mail-slot view of their character, and the only way to avoid that is to be very careful about data collection.
    Witness how many good jobs now require a background check, which can, yes, shed some light on a person’s background, but not necessarily on their work ethic or abilities. Car insurance rates are based partly on your credit rating. Your chance of getting a good-paying job is, too.
    This isn’t a matter of some paranoid interest in privacy; it’s about the right to face our accusers, which we have thrown away in the interest of so-called convenience. Some clerk, or, increasingly, computer model, can decide I’m unreliable, uninsurable, unable to answer for my family history. This is the insidious, unspoken result of giving our databased souls away.
    So how long until we’re secretly assigned a health rating, similar to a credit score? I can see this happening in maybe 10 years. It might lead to a healthier people, but it will more likely further marginalize the unlucky as much as incentivize the healthy.

  13. I find it interesting that people talk about privacy in a very nebulous fashion. There is no direct discussion that asks what are patients concerned about as it relates to their personal health information? Let’s air out the exact concerns and address each one. Just talking about privacy like its the boogey-man doesn’t get us very far as it relates to coming up with solutions that address distinct and finite issues.

  14. I like the stimulus package, but I’m not so keen on the idea of losing my privacy. Do we really have an honest enough group of people that won’t abuse the power being given to them?