Privacy issues are dominating the airwaves as the industry begins to deal with the EMR data-mining minefield
It seems you can’t pick up a newspaper these days without seeing a headline concerning the privacy of health records.
In March, UCLA Medical Center was forced to take disciplinary action against more than a dozen employees for snooping in the electronic medical records (EMRs) of pop star Britney Spears. Also in March, legislators in New Hampshire voted down a bill that would have added privacy restrictions and audit trails for EMRs. Other states, such as Nevada, have amended privacy laws to allow patients to opt out of health information exchanges (HIEs), and a bill introduced in Congress (H.R. 5442) proposes to do much the same thing.
One person who thinks she has part of the answer is Deborah Peel, M.D., founder of an Austin, Texas-based watchdog group, Patient Privacy Rights. Peel has created an offshoot called Privacy Rights Certified, which plans to begin certifying both personal health record (PHR) and EHR software based on privacy and security policies and features. She says several vendors have expressed interest in taking part in the certification process, including Microsoft’s HealthVault PHR platform and the EMR of e-MDs Inc. (Austin, Texas).
The new organization is necessary, Peel says, “Because there is so much theft and misuse of health data that current certification organizations don’t address.”