Don’t Let EHR Vendors Own Your Data

“In a recent blog posting, John Moore and Rob Tholemeier of Chilmark Research ask the question: ‘Who’s Data is it Anyway?’ Your electronic health records data is not the property of your vendor and there are things you can do about it, they contend.”

To view the full article, please visit: Don’t Let EHR Vendors Own Your Data

Is not just celebs who need strong security and privacy for PHI

‘Smart’ EHR software designed for security, privacy, and compliance with the law and ethics, would allow only those who have your informed consent to access your records. Staff and employees who carry out the orders of your attending physician could access your records under the informed consent you give your physician, by electronically affirming they are part of your treatment team. Instead of primitive, legacy EHR systems that allow 10,000 hospital staffers or employees access to your records, in a ‘smart’ EHR system only the 100 or so directly involved in your treatment could get into your PHI, preventing 9,900 snoopers’ eyes from seeing anything.

Is not just celebs who need strong security and privacy for PHI–what about women whose abusers work for hospitals? What about all the minor local celebs? Do you want your nosy neighbor who is a clerk to be able to read your records?

Stepping up employee snooping via retroactive audits is EXTREMELY expensive (major hospitals have to have large technical staffs to be able to audits millions of accesses looking for those that should not have occurred). ‘Smart’ consent technologies exist. Retroactive audits for improper access are like looking for needles in a haystack UNLESS you are Nadya Suleman or some other celebrity whose EHR is being actively watched. Why not keep the horses from getting out of the barn in the first place?

Refer to COMPUTERWORLD story: “Kaiser fires 15 workers for snooping in octuplet mom’s medical records“.

The Health Record Paparazzi is Above the Law and In Bed With Congress

We learned today that all of us are a bit like George Clooney: the Health Record Paparazzi loves a celebrity, but it loves the average American just as well. Instead of intrusive cameras flashing and TMZ taping our every move, we have insurers, employers, hospitals, doctors, pharmacies, drug companies, marketers, creditors and banks digging around for our most personal, intimate information.

HIPAA protects no one, including movie stars. The HIPAA regulations were changed by a Bush appointee that defy the ancient doctor-patient promise that when a patient goes to their doctor, whatever they share will be kept private. No one can make that guarantee anymore. To see the fine print visit Patient Privacy Rights.

Over 4 million individuals and businesses can see and use our health records, without consent and over objections. HIPAA is so broad it is hard to imagine who doesn’t have a legal right to your most personal details.

The Health Record Paparazzi can be stopped — but only by an act of Congress. Right now, Congress is working on legislation that will open up your health records even more. Everyone will have control over your health information except the patient.

We must have federal legislation that guarantees our right to control our most personal information and requires meaningful, enforceable penalties for everyone who shares our information without consent.