On the blog — March 18, 2009

The state of electronic medical record privacy

Posted by Jamie Court

A newspaper reporter just called to ask about the state of privacy under electronic medical records, which will now be spreading thanks to $20 billion in the federal economic stimulus plan.  Electronic medical records can help avoid medical mistakes, like those suffered by Dennis Quaid's newborn twins, but the privacy protections under the stimulus bill need to improve.

Here's a run down from our health policy director Jerry Flanagan and the World Privacy Forum's Pam Dixon on the protections and loopholes for electronic medical records in the stimulus bill.

1. The "prohibition" on the sale of medical records is weak, full of loopholes, and applies only to HIPPA covered entities or their "business associates" (think: doctors and anaethesiologists).  DOES NOT apply to Google and Microsoft.  Major exceptions to prohibition of sale if sale is for "research" purposes.

2. The breach provisions requiring companies to notify patients when electronic medical records are breached does apply to Google and MS.  However, there are "safe harbor" provisions that let companies off the hook from the notification requirement if the breach occurred in "good faith."  Bringing Google and MS into the breach requirement (as a "vendor" of electronic medical records) was a last minute change, and something Google and MS will try to eviscerate in the technical clean-up bill.

3. Audit trail only gives patients information of when there information was "disclosed" but not how it was "used."  What this means is that when you go to the hospital for a surgery, the hospital will have tell you when they disclosed the information to a "business associate" but not how the hospital used the information.  As a result, the patient will not know which hospital personnel looked at the information or for what purposes -- i.e. you won't know if a nurse reviewed your file to look up drug allergies or whether the hospital's fundraising office reviewed the record for the purpose of requesting a donation.  Also, the hospital will only tell a patient which "business associates" (again, think specialists and non-contract doctors) the information was disclosed to, but not who those business associates disclosed the information to or how they used the information.  Patient will have to go to each business associate to get disclosure information -- could be hundreds of business associates for each hospital stay.

Rate This Article:

Comments:

Post A Comment

You are not logged in, please do so at the top of the page.

Recent Posts in Protecting Patients:

Blue Cross's taste of what's to come if health reform fails

February 8, 2010 | Posted by Judy Dugan

Those of us who have health insurance--or think we have health insurance--can get complacent about whether the nation needs that big, complicated health reform legislation. But just try getting sick. Is your insurance even real? If it is, can you afford it after the latest round of price hikes? Is your deductible so big that paying it will mean financial ruin? Check out these stories and think about what the White House and Congress, by wimping out again on health reform, will condemn all of us to...

Read More »

Dateline NBC on why being insured isn't same as being covered

January 25, 2010 | Poste by Jamie Court

Here's the full link to last night's excellent Dateline NBC "Critical Condition," which followed insured patients as they were turned down by their health insurers for critical care.

Read More »

Reform or no reform, insurers will weasel on "out of network" loopholes

January 19, 2010 | Posted by Judy Dugan

The Washington Post today has an eye-opening story today on how a family ended up in crushing debt at an "in-network" hospital apparently jammed with out-of-network doctors. Tens of thousands of dollars later, their little boy's rare and deadly heart defect is at least semi-fixed, but the family finances are in ruins. It's a problem that won't be fixed by reforms that rely on the private insurance industry. But it's also a problem that Congress can partly cure, with or without bigger reforms.

Read More »

MLK and the Massachusetts Senate Disaster

January 18, 2010 | Judy Dugan

Dr. Martin Luther King Jr. said little about health care, though the one fragment that is quoted leaves no doubt about where he stood: “Of all the forms of inequality, injustice in health care is the most shocking and the most inhumane.” The quote is hard to confirm, but health care proponents losing ground to a fear campaign need King's power to stoke determination in the service of hope.

Read More »

Patient protections are California's to lose

January 12, 2010 | Posted by Judy Dugan

California has been a leader in patients rights, largely in response to abuses  by HMOs that, for instance, tried to eject new mothers and babies from the hospital a few hours after giving birth, and attempted to require "drive-by mastectomies."  The federal health reform bill could weaken or do away with all that, including a right to HIV/AIDS testing. Rep. Jackie Speier of San Mateo is leading a tough fight to preserve such rights, and so is Consumer Watchdog.

Read More »

View All Next »

Face Off With Obama!

Tell the President what's on your mind, then send your photo with Obama to your friends and the White House at BarackAndMe.com

Facebook users can click here.

Forward This Page To A Friend

Excerpts From Jamie Court's Dateline Interview Covering Health Insurer Hell

Heath Insurers Coercing Employees Into Political Action?