Top Experts Discuss Privacy Risks at 2nd International Summit on the Future of Health Privacy

Patient Privacy Rights and Georgetown University Law Center’s O’Neill Institute for National and Global Health Law Host Event

Psychiatry Patient’s Story Highlights Growing Threat to Privacy

WASHINGTON–(BUSINESS WIRE)– When a lawyer named “Julie” sought psychiatric treatment in Boston, she never imagined that the notes of sessions with her therapist would be digitized and made available to thousands of doctors and nurses—even dermatologists and podiatrists with no conceivable need for such private records. But that is precisely what happened. “Personal details that took me years to disclose during therapy are being shared throughout my medical network, against my will,” Julie says. “It’s destroyed my trust with my doctors.”

Julie will tell her story for the first time at the 2nd International Summit on the Future of Health Privacy, to be held in Washington, DC, on June 6-7. Sponsored by Patient Privacy Rights, the nation’s leading health privacy watchdog, and Georgetown University Law Center’s O’Neill Institute for National and Global Health Law, the Summit will explore the often-alarming privacy implications of the nation’s race to digitize patient medical records.

“Every state requires patient permission before sensitive mental health records can be shared with other doctors. But Julie found that hundreds of pages of intimate records, some detailing her abuse as a child, were open to the entire staff of her Boston-based healthcare system,” says Dr. Deborah Peel, founder of Patient Privacy Rights. “Julie is an example of how major electronic health records systems can actually strip patients of their privacy rights. Her tragic story highlights the need for the Privacy Summit—to shine light on these abuses and find solutions to protect patient privacy.”

40 Health-Privacy Experts Drive Debate:

More than 40 health-privacy experts from around the globe will gather for the Summit, including top U.S. government officials and leading CEOs, physicians and academics, along with several hundred live and virtual attendees. Speakers will discuss new policies including a Health Privacy Bill of Rights, data exchanges, secondary uses of health data and social media platforms that threaten patient privacy. In addition, the founder of Harvard’s Data Privacy Lab will announce the launch of a yearlong project, the first of its kind, to map the hundreds of secret organizations and agencies where private medical data is sold and shared in the United States.

Summit organizers also will announce the “The Best Privacy Technologies of 2012,” and companies will demonstrate new products that enhance patient control of personal health data.

Louis D. Brandeis Privacy Award:

To kick off the Summit, Patient Privacy Rights will honor the first-ever recipients of the Louis D. Brandeis Privacy Award. The privacy watchdog group will recognize Congressman Joe Barton (R-TX) and Congressman Ed Markey (D-MA) for their roles as leading congressional privacy advocates. And Alan Westin, Columbia University’s Emeritus Professor of Public Law and Government, and Ross Anderson, the University of Cambridge’s Professor in Security Engineering, will be honored for their groundbreaking work on consumer data privacy and security.

WHAT: The 2nd International Summit on the Future of Health Privacy
WHEN: June 6-7th, 2012
WHERE: Georgetown University Law Center
600 New Jersey Avenue, NW. Hart Auditorium, McDonough Hall
Washington, DC 20001

REGISTRATION: http://www.healthprivacysummit.org/d/3cq92g/4W

AGENDA: http://www.healthprivacysummit.org/d/3cq92g/6X

SPEAKERS: http://www.healthprivacysummit.org/d/3cq92g/6K

FOLLOW US ON TWITTER: @PrivacySummit

SPONSORS/PARTNERS: Accenture, CA Technologies, Dell, e-MDs, FairWarning®, Harvard Data Privacy Lab, IDExperts, Jericho Systems, Microsoft, PwC, RTI International, Telemedicine and Advanced Technology Research Center (TATRC), The O’Neill Institute at Georgetown Law Center, The University of Cambridge Computer Laboratory, The University of Texas School of Information

ABOUT PATIENT PRIVACY RIGHTS: Patient Privacy Rights is the nation’s leading bipartisan health privacy organization and leading consumer voice for building ethical, trustworthy healthcare IT systems. For more information, visit http://patientprivacyrights.org

Contact:
Keith Blackman, 202-730-5753
keith@blackmanmediasolutions.com
or
Jim Popkin, 202-686-6699
jim.popkin@sevenoaksmedia.com

Office of the National Coordinator of Health IT, HHS, Announces PPR Summit

To learn more visit Health Privacy Summit and HealthIT.

The Second International Health Privacy Summit is quickly approaching (June 6-7). Our keynote speaker, Farzad Mostashari, MD, ScM is the National Coordinator for Health IT and will be giving a wonderful presentation on “Creating a Culture of Privacy and Security Awareness.” The Office of the National Coordinator for Health IT has given great support to this event and will be participating as well. Here’s what they have to say about the Health Privacy Summit:

June 6-7
2nd International Summit on the Future of Health Privacy

Over 40 leading health-privacy experts from around the globe will gather in Washington, DC for the 2nd International Summit on the Future of Health Privacy to discuss privacy and security issues raised by emerging health technologies. Experts from the U.S. government, the private sector and academia will explore new laws and regulations, data exchanges, secondary uses of health data and social media platforms and how they relate to the privacy and security of patient health information.

National Coordinator for Health Information Technology – Farzad Mostashari, MD, ScM – will kick off this year’s event with a keynote presentation on “Creating a Culture of Privacy and Security Awareness.”

See the full list of speakers at http://www.healthprivacysummit.org/d/3cq92g/6K .

* Agenda: http://www.healthprivacysummit.org/d/3cq92g/6X
* Registration: http://www.healthprivacysummit.org/d/3cq92g/4W FREE to attend or watch live online!

Featured Participants in 2012 DC Health Privacy Summit Announced

March 21, 2012

FOR IMMEDIATE RELEASE

Contact:
Deborah C. Peel, MD
media@healthprivacysummit.org
(512)732-0033

Featured Participants for 2012 Health Privacy
Summit at Georgetown University Announced
Rep. Joe Barton, R-Texas, to Receive Honor;
Farzad Mostashari, MD, ScM, to Deliver Opening Keynote;
Ross Anderson, PhD, FRS, Delivers Evening Keynote

Austin, TX – March 20, 2012 – Organizers today announced a noted honoreeand two outstanding keynote speakers to be featured at the Second International Summit on the Future of Health Privacy, planned for June6th-7th, 2012, at the Georgetown University Law Center in Washington,D.C.

U.S. Congressman Joe Barton will be honored as a “Privacy Hero” during the 2012 Summit’s “Celebration of Privacy” on the evening of June 6. The award recognizes Rep. Barton’s critical role as a top Congressional privacy advocate beginning with co-founding the Congressional Bipartisan Privacy Caucus with Rep. Edward Markey in 2000. His leadership ensured House support for the historic new consumer privacy and security protections in the Health Information Technology for Economic and Clinical Health (HITECH) Act.

The opening keynote will be presented by Farzad Mostashari, MD, ScM, the National Coordinator for Health Information Technology at the U.S. Department of Health and Human Services. In addition, Ross Anderson, PhD, FRS, of the University of Cambridge, U.K., will deliver the evening keynote speech.

The 2012 Summit is hosted by Patient Privacy Rights and Georgetown University’s O’Neill Institute on Global and Health Law to provide an international venue for serious discussion by experts and thought leaders on timely privacy issues. Participants will consider how patients’ privacy and civil rights are impacted by current law and regulations, health technologies and architectures (including mHealth and ‘clouds’), data exchange, secondary uses of health data, and social media platforms. The theme addressed at this year’s Summit will be: Is There an American Health Privacy Crisis?

Summit sessions will also explore health privacy through the lens of U.S. and international policies about health information privacy, such as the recent Consumer Bill of Privacy Rights and the EU Draft Regulation on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data.

More About U.S. Representative Joe Barton, R-Texas
Rep. Joe Barton, a 28-year veteran member of the U.S. Congress and Chairman Emeritus of the U.S. House of Representatives’ Energy and Commerce Committee, will receive a “Privacy Hero” award at the 2012 Summit.

The award recognizes Rep. Barton’s critical role as a top Congressional privacy advocate beginning with co-founding the Congressional Bipartisan Privacy Caucus with Rep. Edward Markey in 2000. His award is for his leadership in 2009, which ensured House support for the historic new consumer privacy and security protections in the Health Information Technology for Economic and Clinical Health (HITECH) Act.

More About Farzad Mostashari, MD, ScM
As National Coordinator for Health Information Technology at the U.S. Department of Health and Human Services, Farzad Mostashari, MD, ScM, is charged with promoting the development of a secure and interoperable nationwide health information technology infrastructure.

Dr. Mostashari’s position was mandated through the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 and is focused on improving healthcare and clinical research, reducing its cost, and protecting patient health information. Previously, Dr. Mostashari held leadership positions at the New York City Department of Health, including establishing their Bureau of Epidemiology Services, and helped pioneer real-time electronic disease surveillance systems.

More About Ross Anderson PhD, FRS
Ross Anderson PhD, FRS, is a professor of security engineering at the University of Cambridge Computer Laboratory in the United Kingdom. Dr. Anderson is a researcher, writer, industry consultant, and expert in “building systems to remain dependable in the face of malice, error or mischance.”

More About the 2012 Summit Partners
Organizations partnering with Patient Privacy Rights to present the 2012 Health Privacy Summit include:

Registration for the 2012 Summit is free, but space is limited. Register now at http://www.healthprivacysummit.org. Last year’s First International Summit on the Future of Health Privacy successfully established a global public forum on the future of health privacy. Panel members included health privacy experts from academia, industry, technology, consumer advocacy, top government officials, and international experts. Learn more about the 2011 Summit here. Videos are available.

###

O’Neill Institute for National and Global Health Law
The O’Neill Institute for National and Global Health Law at Georgetown University was established in 2007 to respond to the need for innovative solutions to the most pressing national and international health concerns. For more information, visit http://www.law.georgetown.edu/oneillinstitute/about/index.html.

Patient Privacy Rights
Patient Privacy Rights is the nation’s leading bipartisan health privacy organization and leading consumer voice for building ethical, trustworthy healthcare IT systems. For more information, visit http://patientprivacyrights.org.

PPR Founder Interviewed – America in the Balance

03/14/2012: U.S. citizens are concerned about “ObamaCare”- style health care reform and the escalating loss of personal health information and privacy rights. Today’s guest is Dr. Deborah C. Peel, founder of Patient Privacy Rights. PPR was started in 2004 to speak and advocate for the patient’s right to health privacy. Peel has been chosen one of Modern Healthcare’s “100 Most Influential in Healthcare” 4 times in the last 5 years, and is the leading voice for patient control over the use of sensitive health information. Join us as we discuss HIPPA, mHealth, and the upcoming 2nd Annual International Summit on the Future of Health Privacy to be held in June 2012 in D.C.

You can listen to the article by following this link and scrolling down to the 3/14/12 show.

Press Release: Registration is Open for the 2012 Health Privacy Summit

February 28th, 2012

FOR IMMEDIATE RELEASE

Contact:
Deborah C. Peel, MD
dpeelmd@localhost:8888/pprold

(512)732-0033 or (512)820-6415

Announcing the 2nd International
Summit on the Future of Health Privacy
Is There an American Health Privacy Crisis?

Austin, TX – Patient Privacy Rights announces registration is open for the 2nd International Summit on the Future of Health Privacy: Is There an American Health Privacy Crisis?

We invite you to register for the Summit now.

The Summit will be held on June 6th-7th, 2012 at the Georgetown University Law Center. The O’Neill Institute at Georgetown Law is an academic partner, along with the Harvard Data Privacy Lab, RTI International, The University of Cambridge Computer Laboratory, and the University of Texas School of Information.

We are pleased to announce Ross Anderson PhD, FRS, will be a keynote speaker at the Summit. Anderson is a Professor in Security Engineering at the University of Cambridge Computer Laboratory as well as a researcher, writer, and industry consultant and expert in security engineering.

The 2nd International Summit on the Future of Health Privacy is the first and only international venue for serious discussions by experts and thought leaders on the urgent privacy issues raised by health technologies and architectures (including mHealth and ‘clouds’), by law and regulations, data exchange, secondary uses of health data, and social media platforms. The summit will also explore health privacy through the lens of US and international policies about health information privacy, such as the recent Consumer Bill of Privacy Rights and the EU Draft Regulation on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data.

The 1st International Summit on the Future of Health Privacy successfully created the first global public forum on the future of health privacy. The panels on urgent issues included health privacy experts from academia, industry, technology, consumer advocacy, top government officials, and international experts. Learn more about the 2011 Summit here. Videos are available.

Please register early, seating is limited. Registrants will be updated regularly on the agenda and new speakers and sessions in the coming weeks.

###

Patient Privacy Rights is the nation’s leading bipartisan health privacy organization and leading consumer voice for building ethical, trustworthy HIT systems. For more information, visit http://patientprivacyrights.org.

2012 Health Privacy Summit – SAVE THE DATE!

June 6-7th, 2012
2nd International Summit on the
Future of Health Privacy
Georgetown Law Center, Washington, DC

Patient Privacy Rights is happy to announce the 2nd International Summit on the Future of Health Privacy will be held June 6-7th, 2012 at the Georgetown Law Center in Washington, DC. If you would like to receive a notice when registration is officially open, please sign up to receive updates.

Patient Privacy Rights is very excited to be working with these remarkable academic institutions & partners for the 2012 Health Privacy Summit:

HIStalk Interviews Deborah Peel MD, Founder, Patient Privacy Rights

Give me some brief background about yourself and about Patient Privacy Rights.

I never expected to be leading this organization or ever even thought about that. In my younger days, I practiced full time as a psychiatrist and Freudian analyst for a very long time, until it became clear that things were happening in DC that would make effective mental healthcare impossible. Namely, that there were lots of different ideas being floated; for example, the Clinton healthcare initiative. There was a part of it that was going to require everyone’s data from every physician encounter be recorded in federal database.

Fast-forward to the HIPAA privacy rule. That’s what really convinced me of the need for a voice for consumers, because there really wasn’t any. What I’m talking about there is, of course, the change in 2002 that happened under everyone’s radar except for – and this is the is the laugh line – when the 3,000 Freudian psychoanalysts in the nation noticed that consent was eliminated.

In 2004, I started Patient Privacy Rights because there was no effective representation for the expectations and rights that the majority of Americans have for how the healthcare system is going to work. Namely, that people don’t get to see their information without consent. Since founding PPR in 2004, we’ve still been the national leading watchdog on the issues of patient control over information and even internationally. Our power has come because when we came to DC, the other people that were working on privacy, human rights, and civil rights recognized that because of my unique position as a physician and deep understanding of how data flows, that I knew what I was talking about.

We very quickly got a pretty amazing bipartisan coalition of over 50 organizations. That enabled us to put these issues and problems on the map.

We had some incredible successes in HITECH. Virtually all of the new consumer protections came from our group, including the ban on the sale of PHI, the accounting of disclosures, segmentation, the new requirement that if you pay out of pocket for treatment you should be able to block the flow of that data to health plans and health insurers. We were the ones that worked with Congressman Ed Markey on getting encryption, required stronger security protections, and worked with Senator Snow to get meaningful breach notice into the rules.

All of this work lead to the first-ever summit on the future of health privacy this past summer in DC. The videos and the entire meeting can be seen or streamed online at www.healthprivacysummit.org.

If somebody said you had to choose between accepting healthcare IT as it is today or going back to purely paper-based systems, which would you choose?

We’ve never been in favor of going back to paper…

Stanford Hospital investigating how patient data ended up on homework help website

A key conclusion from the audience of experts at the first summit on the future of health privacy was HIPAA has not been effective at protecting patient privacy. Jaikumar Vijayan quoted Deborah C. Peel, MD, founder and chair of Patient Privacy Rights, on the problems with HIPAA and the need to restore patient control over health information in this story. See videos of the summit at: www.healthprivacysummit.org

“Stanford University Hospital in Palo Alto, Calif. is investigating how a spreadsheet containing personal medical data on 20,000 patients that was being handled by one of its billing contractors ended up publicly available for nearly one year on a homework help site for students.

The spreadsheet first became available on the site last September as an attachment to a question supposedly posed by a student on Student of Fortune, a website that lets students solicit help with their homework for a fee. The question sought help on how the medical data in the attachment could be presented as a bar graph, The New York Times reported on Thursday.

A Stanford Hospital & Clinics representative told Computerworld in a statement that the hospital discovered the file on August 22, and took action to see it was removed within 24 hours.

“A full investigation was launched, and Stanford Hospital & Clinics has been working very aggressively with the vendor to determine how this occurred, in violation of strong contract commitments to safeguard the privacy and security of patient information,” the statement said…

The breach shows yet again how ineffective HIPAA has been in getting organizations that handle healthcare data, to take better care of it, said Deborah Peel founder and chairman of the Patient Privacy Rights Foundation .

Much of the problems stem from the indiscriminate sharing of sensitive personal information among “legions of secondary users”, she said. The average hospital has between 200 and 300 outside vendors and partners with access to patient data, Peel said.

“We do not have an effective federal health privacy law. HIPAA was gutted in 2002 when control over who can see and use patient data for all routine uses was eliminated,” she said.

The only way to really get a grip on the problem is to allow patients to exert more control over who has access to their data. “Data should be used for a single purpose after the patient gives consent such as consent to use the data to pay a claim or send to a consultant.”

“Consent should be obtained for any secondary or new uses of data,” she said. All organizations that handle health data, including third parties should be certified to adhere to the highest standards of data security, Peel said.

Re: Top 100 – Under Their Influence

This is in response to the article in Modern Healthcare By Andis Robeznieks: “Under their influence, Washington insiders hold sway over our ’100 Most Influential’ ranking, but real change seems to be coming from elsewhere.”

“The Politics of Privacy” is one of four key areas in Modern Healthcare’s story about the “100 Most Influential People in Healthcare” in 2011. Privacy was highlighted because the expectation to control personal health data is a truly bipartisan, trans-partisan issue.

The historic first-ever summit on the future of health privacy co-sponsored by Patient Privacy Rights (PPR) and the UT LBJ School in June was highlighted (see www.healthprivacysummit.org to watch videos of the sessions).

The story recognizes the crucial importance of PPR’s leadership on building patients’ rights to control use of the most sensitive personal information into the healthcare system up front, so patients will use and trust health IT systems and data exchanges.

Unfortunately, many of the new consumer privacy protections the Obama Administration supported in the stimulus bill (HITECH) are being implemented by federal agencies in ways that do not comply with HITECH and other existing federal regulations.

If industry and key government rule makers continue to ignore the American people’s expectations for control over the use of sensitive personal health data, the stimulus billions will be wasted on systems that can’t be trusted and the tremendous potential benefits health IT can bring to treatment and research may never be realized.

Hospitals Wary of Hackers Seek Insurance from AIG

Bloomberg News aired a segment on the rising threat of electronic health information systems to patient privacy and tapped Jim Pyles, an expert from the first health privacy summit to speak.  He pointed out that the lack of adequate health data security, the ability to breach thousands or millions of records simultaneously, and the value of health data on black market as key causes of the growing number of reported health data breaches.

View the video here.

Synopsis: Doctors and hospitals adopting electronic patient records under a U.S. government program are exploring insurance policies to help cover the costs of medical-data breaches. Data breaches cost U.S. hospitals $12 billion over the past two years, according to a study by the Poneman Institute. Bloomberg’s Megan Hughes reports on “InBusiness with Margaret Brennan.”