Home » Blogs

  • del.icio.us
  • Digg
  • StumbleUpon
  • Reddit
  • Facebook
  • Google
  • RSS Icon
  

The risks and flaws of NHIN development

April 28, 2010 | Deborah C. Peel. MD , founder and chair, Patient Privacy Rights

Everyone who cares about the privacy of their PHI should read Latanya Sweeney’s written testimony on the NHIN flaws (PDF).
 
Her criticisms of the proposed models National Health Information Network are sorely needed.
 
HHS has been charging ahead full steam without paying attention to the risks and flaws of the models they are funding.
 
One of the two NHIN networks chosen, NIEM, to exchange health information is run by the DOJ and NSA. See stories where Dr. Blumenthal denies that health information will be funneled to the CIA, Justice Department or National Security Agency here and here.
 
Latanya Sweeney’s riveting testimony took place April 22nd at a roundtable discussion on the “Implementation of Health Information Technologies in a Healthcare Environment”. She was highly praised by Representative Patrick Kennedy, a co-host of the event.
 
The briefing hosted by Representatives Patrick Kennedy and Tim Murphy was sponsored by the Capitol Hill “Steering Committee on Tele-health and Healthcare Informatics” and the Institute for e-Health Policy. I attended the meeting and wrote down both her remarks and Rep Kennedy’s remarks.
 
From Professor Sweeney’s testimony:

• Secondary use of protected health information (PHI) by Business Associates is “unbounded, widespread, hidden, and difficult to trace.”
• Implementing EHRs that meet ‘Meaningful Use’ criteria will “increase data sharing, but adding the NHIN will massively increase data sharing.”
• There are significant defects in the two National Health Information Network models which are supposed to link all Americans’ health information online that HHS plans to implement.
• The proposed NHIN models aren’t capable of exchanging enough needed health data (i.e., do not have enough “utility”) nor do they permit patients to have any control access sensitive health data by the millions of “Covered entities” and their employees who will use the NHIN (i.e., do not offer enough “privacy”).
 
In other words, the NHIN solutions currently on the table give Americans the worst of both worlds: no privacy at all (patient control over personal health information) and the inability to exchange all the health information we need for clinical and other uses.
 
After she spoke, Representative Kennedy commented:

• “Your role is very, very significant.”
• “If the issues you just raised aren’t addressed, then everything else is meaningless. Without trust we will have the most difficult implementation with consumers.”
• “You went into specific examples and anecdotes that [show how the NHIN models] could blow the whole thing up. It doesn’t take political sensitivity to understand what the reaction from the public will be.”
 
We applaud Professor Sweeney for pointing out the serious technical problems with the NHIN proposals AND proposing the solution: risk analysis of all technical systems for exchanging health data. We applaud Congressman Kennedy’s wisdom in seeking Professor Sweeney’s response to plans for the NHIN.
 
Patient Privacy Rights fully supports Professor Sweeney’s recommendations. The Administration and Congress should make sure that we build the right NHIN and the right HIT systems. We have only one chance to build a trusted health system. Once public trust is lost, it is very difficult to restore.
 
 
Deborah C. Peel, MD is the Founder and Chair of Patient Privacy Rights

Related Topics:

Reader Comments (0)Login to Post a Comment