In response to The Wall Street Journal article “Heart Gadgets Test Privacy-Law Limits”
This story shows the ethical and legal absurdity of private corporations’ claims to own and control patient records. Greedy corporations are copying their business models from Google and Facebook: sell every piece of information about every individual to any willing buyer.
Despite patients’ strong rights to obtain copies of their entire medical records, including data from devices that monitor health status, most hospitals and electronic health systems don’t yet offer patients a way to download personal health information, which is required by HIPAA and HITECH.
EVEN MORE IMPORTANTLY patients also have very strong ethical, legal, and Constitutional rights to control the disclosure and use of personal health information.
Today’s health IT systems and data exchanges were designed to prevent patient control over personal health information. Most health IT systems have abysmal data security (millions of health data breaches and thefts) and no means for patients to control who can see, use or sell their health data.
Government and Congress have poured $29 billion in stimulus funds into defective technology systems that violate the public’s rights to privacy and control over health information in electronic systems.
Medtronic and hospitals are hiding behind illegal contracts that violate patients’ rights to access and control sensitive personal health information.
We need clear new laws to ban the sale of personal health information without informed consent and RESTORE patient control over use, disclosure, and sale of health information.