Baby’s death spotlights safety risks linked to computerized systems

Check out this very relavant story from the Chicago Tribune Health section, “Baby’s death spotlights safety risks linked to computerized systems,” written by Judith Graham and Cynthia Dizikes.

As a topic discussed a lot in Session 3.2 of the Health Privacy Summit, “Control of patient information – Health Information Exchanges,” this subject is the tip of the iceberg on the many risks of electronic health records that must be addressed as billions of stimulus dollars go into creating a health IT infrastructure.

Baby’s death spotlights safety risks linked to computerized systems, Chicago Tribune, by Judith Graham and Cynthia Dizikes, June 27, 2011

Hospitals Wary of Hackers Seek Insurance from AIG

Bloomberg News aired a segment on the rising threat of electronic health information systems to patient privacy and tapped Jim Pyles, an expert from the first health privacy summit to speak.  He pointed out that the lack of adequate health data security, the ability to breach thousands or millions of records simultaneously, and the value of health data on black market as key causes of the growing number of reported health data breaches.

View the video here.

Synopsis: Doctors and hospitals adopting electronic patient records under a U.S. government program are exploring insurance policies to help cover the costs of medical-data breaches. Data breaches cost U.S. hospitals $12 billion over the past two years, according to a study by the Poneman Institute. Bloomberg’s Megan Hughes reports on “InBusiness with Margaret Brennan.”

Re: Web site helps people profit from information collected about them

See the new story in the Washington Post by Thomas Heath: Web site helps people profit from information collected about them

A new technology called “Personal” allows people to control some their personal information and monetize it themselves.   A technology like “Personal” could give us control over our personal health data, which is constantly being “monetized” today without our consent and sold for uses that have nothing to do with improving our health.

“Personal” is betting that data we enter about ourselves and our product preferences will be very attractive to corporations that want to know us and/or sell to us. Today corporations use and sell whatever information they can scavenge about us online.

Similarly, sensitive health data that we control and release will be FAR more valuable to our doctors, researchers, and marketers because we have checked it for accuracy and completeness.  No one has quite the same motivation to ensure the accuracy and completeness of our health data as we do: it’s literally a matter of life and death.

Here is the business model “Personal” uses:

  • “if you mon­etize your data (Personal doesn’t like the word “sell”) through commercial activities with companies that want to buy it. Personal wants to be your “agent,” collecting a 10 percent fee on the compensation you receive each time you monetize your data.
  • EXAMPLE:  “So if I were a user of Personal, I could fill in the data fields in my “gem” on travel preferences for my trip to Stockholm this summer. I would release the information to Stockholm hotels, which could compete for my business based on my preferences for a clubby hotel bar, delicious breakfasts, a king-size bed and access to running trails. If a hotel gave me a discount or cash payment, Personal would collect a 10 percent fee.”

JUST LIKE in today’s electronic healthcare systems where we are powerless to stop the theft and sale of health data, “Personal can’t stop companies and others from scavenging data by tracking your online activities. It does, however, “give you the tools to monetize your data, but only if you want to,” Green said.”

“Personal’s” model of individual control over personal data could work very well with sensitive health data—–giving us choices, like NOT selling anything at all. But, Granny could sell some of her health information to afford her medications.  Or Dad could sell some of his data for research to afford treatment.

At a time when healthcare is not affordable for so many people, why should hospitals, pharmacies, doctors, labs, health IT and HIE vendors, prescription data mining corporations, insurers, transcription companies, data warehouses, states like Texas, digital devices, cell phone corporations and innumerable others be able to sell and “monetize” health data, instead of patients?

Many are concerned that if patients can monetize their data, poor and vulnerable people will give up privacy for money and the rich won’t need to. But how moral is the current system where corporations secretly profit from health information about the poor and rich alike?

To date, federal and state laws designed to prevent the sale of our protected health information have not been implemented or enforced. Congress and the states intended to stop the sales of health data without consent, but industry lobbies have effectively prevented the laws from working.

When was the last time your pharmacy asked if they could sell your prescription details? All US pharmacies sell everyone’s prescription records every night. See: http://patientprivacyrights.org/consumers/campaign-for-perscription-privacy/

Don’t bet on knowing your records’ whereabouts

Joseph Conn with ModernHealthcare.com wrote about the Health Privacy Summit in the IT Everything blog. You can read the full article here: Don’t bet on knowing your records’ whereabouts

“Do you know where your electronic health information is tonight?

Here’s a reader challenge: I’ll pay $10 to the first adult who has had at least five encounters with the private-sector healthcare system in the past 10 years to come up with a complete map of where all his or her electronic health records have traveled, who has seen them and where they are now.

I feel my money is safe in my pocket, and here’s why:

First, I’ve been covering health IT for nearly 11 years, and there is no system I know in this country that can completely track the whereabouts of someone’s electronic health information.

Second, there are no laws or incentives to induce complete tracking of a patient’s records.

And yet, patients ought to have access to just such a record map, according to health IT and privacy experts participating in the first Health Privacy Summit Monday in Washington. The daylong conference was put together by Patient Privacy Rights and the Lyndon B. Johnson School of Public Affairs at the University of Texas, Austin…”

Report from first health care privacy conference

Andy Oram, editor at O’Reilly Media, was also a Rapporteur and part of the Planning Committee for the First International Summit on the Future of Health Privacy.

You can view his recap and thoughts from the Summit here: Report from first health care privacy conference

Strange that a conference on health privacy has never been held before, so I’m told. Privacy in health care is the first topic raised whenever someone talks about electronic health records–and dominates the discussion from then on–or, on the other hand, is dismissed as an overblown concern not worthy of criticism. But today a conference was held on the subject, prepared by Patient Privacy Rights and the University of Texas’s Lyndon B. Johnson School of Public Affairs, and held just a few blocks from the Capitol building at the Georgetown Law Center as a pre-conference to the August Computers, Freedom & Privacy conference.