Latanya Sweeney’s riveting testimony April 22nd at a roundtable discussion on the “Implementation of Health Information Technologies in a Healthcare Environment” was highly praised by Representative Patrick Kennedy, a co-host of the event. The briefing hosted by Representatives Patrick Kennedy and Tim Murphy was sponsored by the Capitol Hill “Steering Committee on Tele-health and Healthcare Informatics” and the Institute for e-Health Policy.
From Professor Sweeney’s testimony:
- Secondary use of protected health information (PHI) by Business Associates is “unbounded, widespread, hidden, and difficult to trace.”
- Implementing EHRs that meet ‘Meaningful Use’ criteria will “increase data sharing, but adding the NHIN will massively increase data sharing.”
- There are significant defects in the two National Health Information Network models which are supposed to link all Americans’ health information online that HHS plans to implement.
- The proposed NHIN models aren’t capable of exchanging enough needed health data (i.e., do not have enough “utility”) nor do they permit patients to have any control access sensitive health data by the millions of “Covered entities” and their employees who will use the NHIN (i.e., do not offer enough “privacy”).
In other words, the NHIN solutions currently on the table give Americans the worst of both worlds: no privacy at all (patient control over personal health information) and the inability to exchange all the health information we need for clinical and other uses.
After she spoke, Representative Kennedy commented:
- “Your role is very, very significant.”
- “If the issues you just raised aren’t addressed, then everything else is meaningless. Without trust we will have the most difficult implementation with consumers.”
- “You went into specific examples and anecdotes that [show how the NHIN models] could blow the whole thing up. It doesn’t take political sensitivity to understand what the reaction from the public will be.”
We applaud Professor Sweeney for pointing out the serious technical problems with the NHIN proposals AND proposing the solution: risk analysis of all technical systems for exchanging health data. We applaud Congressman Kennedy’s wisdom in seeking Professor Sweeney’s response to plans for the NHIN.
Dr. Sweeney recommended that ALL proposals for exchanging health information be subjected to risk analysis, so HHS and the public can compare the proposals ‘apples-to-apples’ and so the specific flaws/defects of each approach can be addressed in advance.
We agree with her. We need to know what we’re getting into before we build poor systems that will exponentially increase the theft, misuse, and exposure of Americans’ sensitive health information, from prescription records to DNA, to millions more strangers across the globe.
Professor Sweeney has been trying to get the national HIT Policy and Standards Committees to face the consequences of choosing from the various technology strategies for health information exchange, always making the obvious point that different systems pose different threats to privacy. The threats and strategies to mitigate them should be dealt with before anything is built.
Patient Privacy Rights fully supports Professor Sweeney’s recommendations. The Administration and Congress should make sure that we build the right NHIN and the right HIT systems. We have only one chance to build a trusted health system. Once public trust is lost, it is very difficult to restore.