Testimony of Deborah C. Peel, MD at the ONC’s Patient Matching Stakeholder Meeting

WASHINGTON, DC (December 16, 2013) – Patient Privacy Rights’ (PPR) founder and chair, Deborah C. Peel, MD, submitted written testimony to the U.S. Department of Health and Human Services’ Office of the National Coordinator (ONC) at today’s Patient Matching Stakeholder Meeting. The meeting discussed the initial findings from the ONC’s dedicated initiative to assess which aspects of patient identification matching are working well, where there are gaps, and where improvements are needed.

 

In her prepared testimony, Dr. Peel said that “the Initial Findings address the problems caused by current institutional health information technology (health IT) systems and data exchanges.” However, she also stated that the findings may not adequately address future needs, nor do they foresee how the meaningful use requirements for the Health Information Technology for Clinical Health (HITECH) Act can resolve many of the current problems with patient identity and patient matching.

 

Arguing that the findings present a tremendous opportunity to create and leverage genuine patient engagement, Dr. Peel said that “patients have more interest and stake in data integrity and safety than any other stakeholder.” Describing PPR’s vision of the future, Dr. Peel outlined how meaningful patient engagement will eliminate many of the complex problems caused by current patient identity systems, matching technologies, and algorithms. She also said that meaningful patient engagement means that patients can access, control, or delegate how their personal information is used and disclosed, as well as monitor all exchanges of their health data in real time.

 

Additionally, Dr. Peel discussed key elements for meaningful patient engagement based on Fair Information Practices (FIPs) and federal law. She said that all data holders and all health data aggregators should operate as HIPAA covered entities and should be known to patients. In order to provide accountability and transparency, she said that each data aggregator should provide Notice of Privacy Practices (NPPs), voluntary patient-controlled IDs, patient and physician portals, Direct Secure email between patients and physicians Blue Button Plus (BB+), and real time accounting of disclosures.

 

In her concluding remarks, Dr. Peel stated that polices and best practices should consider how future health IT systems and data exchanges will operate, and should “anticipate meaningful patient and physician engagement, lowering costs, improving data quality, integrity and patient safety.” She urged the ONC to require, promote, and incentivize the rapid adoption of technologies that meaningfully engage patients as described in her testimony.
The complete text of this testimony is here.

Patient Privacy Rights Calls for Patient Control Over Data Exchange on the Nationwide Health Information Network (NwHIN)

In our comments about the NwHIN, Patient Privacy Rights (PPR) urged the Office of the National Coordinator for Health IT (ONC) to use this critical opportunity to address the fatal privacy and security flaws in current systems and state and federal data exchanges. “Multi-stakeholder” public-private governance at the state and federal level has failed to gain public trust.  Public-private governance assures that industry, research, and government interests trump the public’s rights to health information privacy.

To restore public trust, PPR strongly believes:

  • All state and federal data exchanges should be certified to assure that patients control the exchange of their health data. Privacy certification should be designed by a non-profit, patient-led organization with expertise in health privacy;
  • Data should only be exchanged using the Direct Project for secure email between patients, physicians, and other health professionals (with rare exceptions);
  • Patients should always give meaningful informed consent before their information is disclosed; and
  • Sensitive personal health information should only flow to those directly involved in an individual’s treatment, or to those who are conducting research in which an individual has agreed to participate.

Without a network designed to make sure individuals decide who sees their health records, Americans will grow even more wary of seeking needed treatment. We urge the ONC to act now to create a nationwide network that requires comprehensive data privacy and security measures to protect patients’ intimate personal health data. See comments here.

PPR at RSI 2012 Conference in Montreal

Deborah C. Peel, Founder and Chair of PPR, will present at the upcoming RSI 2012 conference in Montreal, discussing the health care system in the United States related to HIT and Data Exchanges.

When: May 3rd, 2012, 1:30pm – 2:20pm
Where: Hyatt Regency Montréal , 1255, rue Jeanne-Mance, Montreal (Québec)·mai 3, 2012

Title: Not even a Fig Leaf for Privacy: American’s Health IT Systems and Data Exchanges

Complexity, legacy architectures divorced from privacy rights, a powerful health data mining industry, government interest in health data, and $27 billion in federal funding have created a health IT environment based on open access to 300 million people’s most sensitive  personal information and the elimination of individual privacy rights. Patient Privacy Rights’ role is to be the voice of the public, to educate decision makers, and to create a movement to build innovative health IT systems worthy of trust.

Re: They’ve got an app for that

In response to Modern Healthcare’s article: They’ve got an app for that

On Feb 15th and 16th , the President’s Council on Science and Technology (PCAST) report was discussed in DC by the national HIT Policy PCAST Worgroup. A key PCAST recommendation was that data be meta-tagged for many uses—one key use is so patients can add tags that say: “do not disclose this sensitive data unless I say so”. Patient Privacy Rights and the Coalition for Patient Privacy have LONG argued that all health IT systems and data exchanges MUST restore patient control over the most sensitive personal information that exists: electronic health data.

We are glad to see privacy-enhancing technologies being demonstrated and used in the nation’s largest electronic health system: the military health system covering 9 million lives.

This story shows how the VA is actually ALREADY using data meta-tags so patients can control who sees what health data—see the video that goes along with the story below at: http://www.modernhealthcare.com/article/20110224/VIDEO/302249949/-1