IT guru says some e-vendor contracts violate privacy

A nationally prominent physician informaticist who serves as a member of a federal privacy advisory panel said that some electronic health-record and personal health-record vendors have placed in their contracts stipulations that would obligate healthcare providers to violate privacy rules.

Internist Paul Tang is vice president and chief medical information officer of the Palo Alto Medical Foundation, a California multispecialty group practice, and chairman of the board for the American Medical Informatics Association, a professional group whose members use healthcare data for clinical improvement and research.

Tang said he has personally seen the contract language. He declined to identify the vendors or how he came to see the offending contract provisions.

“That wouldn’t be fair,” Tang said. “It’s just those things are in there.”

Tang’s observations disturbed, but did not surprise, several privacy advocates, including Joy Pritts, a lawyer and assistant research professor with the Health Policy Institute at Georgetown University. She blamed the problem in part on laxity by the Office for Civil Rights at HHS, which is charged with enforcing federal healthcare privacy rules under the Health Insurance Portability and Accountability Act of 1996.

{Contracts that give the software companies or vendors “ownership” of patient health records is very common. Consumers should ask every doctor’s office and every hospital if their electronic health system allows the technology company to “own” or use their health records. This practice is identical to the electronic systems in all 51,000 pharmacies in the US which allow every single prescription in the US to be data mined and sold daily. McKesson, United Healthcare’s Ingenix, and others give or lease software to every pharmacy, then data mine and steal the information daily. Although HIPAA “legalized” this use of prescription records, the practice of prescription data mining violates laws in every state and medical ethics. But state Attorneys General have yet to act and enforce common and state law, and medical ethics that require consent before prescription data is used. ~ Dr. Deborah Peel, Patient Privacy Rights}

Leave a Reply

Your email address will not be published. Required fields are marked *