Suggested Content
- Community college training of HIT professionals questioned
- Veterans Affairs CIO Roger Baker on VLER progress
- Beacon Communities snag more money for IT
- Docs tell government panel EHR tales of woe
- CAQH, Edifecs launch platform for certifying CORE conformance
- University offers new way to measure HIE performance
- Grants target transition from hospital to home
- VA launches fourth data exchange pilot on NHIN
- HIPAA, HITECH at the heart of Virtual Conference session
WASHINGTON – Privacy experts hold a variety of views on how much control patients should be able to have over their electronic health records.
In a Friday meeting of the HIT Policy Committee, some experts said policies that require too much patient control could hamper a patient's health in a medical emergency, while others said not enough control could put their lives at risk in other ways.
Privacy is a controversial but key aspect of developing healthcare IT policy. Yet most privacy experts agree that without the public's trust in the privacy and security of their records, healthcare IT can't advance.
Deborah Peel, MD, a practicing psychiatrist and founder of the non-profit organization Patient Privacy Rights, said she has seen the consequences of patients not having enough privacy. A lack of safeguards, she said, poses risks to a person's well-being, livelihood and financial stability.
Peel said patients should have total control over their personal health records. It's the only way, she said, to ensure that information that a patient wishes to be kept private is kept that way.
Deven McGraw, director of the Center for Democracy and Technology's Health Privacy Project, said patients intuitively want control of their data, but requiring consent for every exchange of health information is sometimes not the best approach for ensuring privacy.
"If it worked well, we'd be one of the first groups out there advocating it," she said. "It's not about how complicated it is, it's about whether it works or not."
Eileen Twiggs, from the Planned Parenthood Federation of America, said privacy can be a matter of life and death for people working at or visiting Planned Parenthood clinics.
Twiggs said Planned Parenthood providers are often at risk of assault because of the controversial nature of the services they provide, which include abortions. In addition, she said, patients can be put in dangerous situations if family members find out the details of their treatment. In addition, she said, politicians try to gain access to records at Planned Parenthood to defend their own causes.
Patients' fears of losing privacy could compromise the care the organization is able to provide, she said.
"There can be no prying eyes, only those with a legitimate right of access," Twiggs said. This includes blocking politicians, family members, or anyone else who wants access to a patient's records."
Twiggs said privacy and security violations should have substantial consequences.
John Houston, vice president of privacy and information security and assistant counsel at the University of Pittsburgh Medical Center, said privacy is a societal value and opinions vary dramatically. "It's difficult to try and balance that. Privacy is not something that is quantifiable," he said. "I think it's critical that we get this right."
