It’s been 13 years since the HIPAA Privacy Rule required hospitals and physicians to give patients copies of their electronic health records. We still can’t get them.
The healthcare industry is stonewalling: most people can’t get electronic copies of their health data at all, even if they jump through labor-intensive paper-based processes. How ironic: to get copies of personal health data we have to sign primitive, blanket paper consent forms. Unlike every other business in the Digital Age, the healthcare and health IT industries have no interest in building direct online relationships with their customers, i.e., patients.
Why are we being stonewalled? There are several answers:
· Personal health data is the most valuable personal information in the Digital Age. The healthcare and health technology industries don’t want to give us our own data, they think it belongs to them.
· Few people know that HIPAA was changed in 2002 to eliminate patients’ rights to consent and control over the use of personal health data.
· The change in HIPAA legalized the US health data broker industry.
o Health data holders, users, and analyzers now control what, when, and to whom our sensitive personal health data is disclosed, sold, or traded.
o Over 880,000 health data suppliers buy, sell, and trade our health data millions of times every day.
o Virtually all companies that hold, process, or analyze our personal health information believe it belongs to them; including hospitals, electronic health records systems, pharmacies, health technology companies, mobile health and fitness apps, labs, health insurers.
· Most people have no idea that the US has the world’s largest hidden health data broker industry. This industry is illegal in Europe.
· Few physicians or pharmacists know that patient data is being sold, ask and they will tell you HIPAA protects the privacy of your data—but it doesn’t.