Comments and Recommendations
We are working together to educate Congress about the need for health privacy for all Americans and to build an electronic healthcare system where patients can keep their health records private.
Coalition submits comments to HHS on Modifications to the HIPAA Privacy, Security, & Enforcement Rules Under the HITECH Act
On Monday, September 13th 2010, the Coalition for Patient Privacy sent in comments to HHS regarding modifications to HIPAA. Ensuring Americans’ control over health information is critical for quality health care and the success of health information technology (HIT). The Coalition applauds the efforts of the Department of Health and Human Services (HHS) to revise HIPAA. However, the Coalition also urges HHS to require use of robust electronic consent and segmentation tools to assure compliance with the consumer privacy and security protections in HITECH and existing rights in state and federal law and medical ethics.
On Monday, March 15th, 2010, the Coalition for Patient Privacy sent in comments to HHS on the HITECH Initial Set Interim Final Rule (IFR). We reiterate in these comments how there needs to be patient control of valuable personal information, a definition of the word “privacy” that is so frequently used, and a high set of standards to ensure privacy.
On Friday, October 23, 2009, the Coalition for Patient Privacy sent in comments to HHS on the Breach Notification Interim Final Rule (IFR). Not only were Patient Privacy Rights and the Coalition dismayed and disappointed by the IFR, as several key members of Congress wrote a letter to the Secretary of HHS missed the mark, eliminating consumer protections intended by Congress. Read the letter from these congressmen here. See the full letter from the Coalition here.
8/20/09: HHS issues its Interim Final Rule. Public comments are due by October 23, 2009.
On May 21, 2009 the Coalition for Patient Privacy submitted comments to the Department of Health and Human Services on breach notification. Specific standards and criteria included encryption, destruction and limited data sets. To see more specific standards as well as direct answers to some of HHS’ questions, you can view our letter here. Also see HHS’ official request for information.
Patient Privacy Rights also submitted comments to the Federal Trade Commission on breach notification Monday, June 1, 2009. You can view these comments here.
The Health IT Policy Committee recommends policies to guide how the nation’s health IT networks are built and how they will work. The committee is dominated, however, by people from the health and technology industries, so consumers’ and patients’ interests and rights are not being adequately heard or addressed.
Patient Privacy Rights is closely tracking these meetings on behalf of the bipartisan Coalition for Patient Privacy.
The Coalition for Patient Privacy then sends comments to the committee. The Coalition proposed using existing, strong privacy enhancing federal policies and technical solutions to make sure that consumers’ rights to control their sensitive personal health data are built into all electronic health records (EHRs) up front.
The committee met on July 16, 2009.
The Coalition for Patient Privacy delivered a letter to all members of the committee on August 3rd. The Coalition recommended that key consumer protections be dealt with as soon as possible, not delayed 6 years, as the committee proposed to ensure that Americans can trust the nation’s HIT system.
On June 26, 2009 the Coalition for Patient Privacy submitted comments to the HIT Policy Committee on Meaningful Use. The key critical function needed in every EHR to enable “meaningful use” of EHR data is the ability for patients to control the uses and disclosures of all protected health information (PHI), and this was the main recommendation. You can view our full comments here.
On Monday, February 2nd, 2009 the Coalition for Patient Privacy urged the Senate to keep health privacy in the American Recovery and Reinvestment Act, S. 1. This bill has many of the privacy provisions Patient Privacy Rights has been working for since we were founded, most important being the prohibition on the sale of protected health information (SEC. 13405(e)). It is crucial that the Senate reject calls from industry to spend taxpayer dollars without Accountability, Control, and Transparency. There are more privacy provisions in this bill as well as proposed provisions which we support.
Read the Coalition’s letter to the Senate here.
The Coalition for Patient Privacy urged the 111th Congress to include privacy protections in any federal Health IT legislation. January 14th, 2009, a press conference was held to ensure much needed privacy protections are included in any funding given to implement health IT systems in the proposed economic stimulus package.
During this event and in their letter, coalition partners called on Congress to “A.C.T.”, by providing: accountability for access to health records, control of personal information, and transparency to protect medical consumers from abuse. Consumer trust is essential to health IT adoption and participation and only attainable with privacy safeguards.
Read the Coalition’s letter to Congress here.
View some of the news coverage from this conference:
- Privacy Groups Urge Leaders to Ensure Safeguards for IT, CongressDaily, 01/15/2009
- Bipartisan Coalition Sends Letter to Congress Urging Privacy Protections With Health IT, Medical News Today, 01/15/2009
- Economic Stimulus Package Likely To Cost $850 Billion, With Up To $90B for State Medicaid Programs, Kaiser Network, 01/15/2009
In October 2007, nearly 50 organizations joined the Coalition for Patient Privacy to announce and deliver our 2007 Letter to Congress demanding that consumers control their personal health information in electronic health systems. The letter includes the Coalition’s updated the Privacy Principles. At the October 18, 2007 press conference Rep. Ed Markey (D-MA) joined Coalition members representing Patient Privacy Rights, the ACLU, the U.S. Bill of Rights Foundation and Microsoft Corporation, Inc. in calling for legislation to restore our right to health privacy. Read the 10/18/07 press release.