First HIT Policy Committee Meeting on Stripping Privacy Away?

No surprise the new HIT Policy committee is gearing up to eliminate privacy, i.e. patient control over personal health information, using the excuse that the entire nation’s records are needed for biosurveillance and research without informed consent. See the quotes from Drs. Calman and Clark. The title of the article says it all: “Committee studies public health, research”.

The committee is dominated by industry appointees who will make sure the policies they come up with grant unfettered government and industry access to Americans’ most sensitive personal data, from prescriptions to DNA.

What they don’t get is they will lose the public’s support and trust if they build a system where everyone’s health records can be data mined for any research purpose. A Westin/Harris IOM poll found only 1% of the public would allow researchers unfettered access to their electronic medical records. The government and the research community are completely at odds with the public’s rights to health privacy.

The reality is millions of Americans already refuse to participate in healthcare systems that harm them because they have no control over their medical records.

HHS noted in the Preamble to the HIPAA Privacy Rule that 600,000 Americans/year avoid early diagnosis and treatment for cancer because treatment records are not private. Two million people/year with mental illness avoid diagnosis and treatment for the same reason: their records are not private. The Rand Corporation found that 150,000 Iraqi vets refuse treatment for PTSD because their treatment is not private, resulting in the highest rate of suicide in active duty military personnel in 30 years.

Can this committee face reality when they have severe conflicts of interest and want the use of Americans’ health data?

The lack of privacy drives millions away from healthcare. And the lack of privacy causes suffering and death–bad outcomes.

It looks like patients’ and consumers’ best hope for preserving their health privacy rights in electronic systems may be Gayle Harrell. She may be the only committee member who can face reality.

A Start to Securing PHI?

Sometimes press releases for new products tell us far more about the risk of identity theft in electronic health systems than the mainstream press or trade journals.

Check out this zinger quote: “Most organizations don’t even know where their PHI is.” Why doesn’t the mainstream press tell the public that the health care organizations (like hospitals) have no idea where all their sensitive personal health data resides?

How about this: “The software (Identity Finder) automatically finds PHI such as social security numbers, medical record numbers, dates of birth, driver licenses, personal addresses, and other private data within files, e-mails, databases, websites, and system areas. Once found, the software makes it simple for users or administrators to permanently shred, scrub, or secure the information.” Emails? Who sends drivers license numbers, SS#s, and Dates of Birth in emails? Clearly lots of healthcare organizations do.

We can only hope products like this sell.

See full article at:

From Sharing Music to Sharing Medical Records

Scientific American gets it. Do you? View story here.

Dr. Eric Johnson’s latest study is out. Our job is to inform the public and Congress, who are continually being falsely reassured that health IT systems are secure and private by spinmeisters for the insurance, hospital, drug, Health IT, and health data mining industries.

Industry’s blatant false promises of security and privacy are something we have been urging FTC to investigate (as false and deceptive trade practices) and the new Administration should understand to ensure that the stimulus funds are not spent on primitive health technologies with abysmal security and no consumer control over PHI. We need ‘smart’ health IT, ‘smart’ human processes, and we need the health care industry to step up and use them, so we have trusted electronic systems and don’t waste the stimulus billions.

See Dr. Johnson’s paper here.

The research examined samples of health-care data disclosures and search activity in peer-to-peer file sharing networks of the top 10 publicly traded health care firms (using Fortune Magazine’s list) over a two-week period. More than 500 hospitals were represented in the 10 organizations. 3,328 files were collected for the study.

• “data losses in the healthcare sector continue at a dizzying pace”
• “Far worse than losing a laptop or storage device with patient data (Robenstein 2008), inadvertent disclosures on P2P networks allow many criminals access to the information, each with different levels of sophistication and ability to exploit the information.”
• “Many of the documents were leaked by patients themselves. For example we found several patient-generated spreadsheets containing details of medical treatments and costs–likely for tax purposes.”
• “we found a hospital-generated spreadsheet of personally identifiable information on recently-hired employees including social security numbers, contact information, job category, etc”
• “For a hospital system, we found two spreadsheet data bases that contained detailed information on over 20,000 patients including social security numbers, contact information, and insurance information.”
• “For a mental health center, we found patient psychiatric evaluations.”

Where is the mainstream and trade journal reporting on this???

Pro-Privacy Will Continue to Grow

More and more genuine consumer pro-privacy groups —as opposed to privacy-lite, industry-supported, faux consumer organizations—are speaking out to restore privacy in electronic health systems. Support for privacy rights will build and build. There may be set-backs, but we cannot be stopped. See this recent article on Consumer Watchdog supporting patient privacy.

The real reason privacy will win is simple and practical: electronic systems will never be trusted or work unless consumers control personal health information.

In the words of Justice Brandeis: “The right to be let alone is the most comprehensive of rights and the right most valued by civilized men. To protect that right, every unjustifiable intrusion by the government upon the privacy of the individual, whatever the means employed, must be deemed a violation of the [Constitution].” Justice Brandeis 1928.
Olmstead v. United States, 277 U.S. 438, 478, 48 S.Ct. 564, 572 (1928) (Brandeis J., dissenting).

Brandeis dissented from the conventional wisdom of his time. Today we are the dissenters from the CW of our time, but like Brandeis’ dissent, ours will prevail.

Genomes: Behold or Beware

Patients whose physicians “collaborate” with genetic testing corporations should beware. Today, Navigenics and all genetic testing businesses can legally sell genomic data. There is no way to know which ones sell or use data without informed consent and which don’t. Americans’ personal health information is extremely valuable to corporate America. Genomic data requires extreme privacy protection because it can be used to harm not only an individual but all his/her relatives.

According to Navigenics, the personal data shared is “aggregated” and “de-linked” from “your account information”, but Navigenics offers no proof that it cannot be re-identified.

As we learned from the NIH experience, it is very difficult to “de-identify” or “anonymize” genetic data. The NIH closed a public research data base of “de-identified” genetic data after researchers proved the data could be re-identified. See: . Corporations that share “de-identified” or “anonymized” health data should be required to publish the algorithms that were used and prove the data cannot be re-identified.

Questions abound:
• How can anyone be sure that Navigenics protects the privacy of genomic tests without trusted external audits of their privacy practices and policies?

• Does Navigenics pay MDVIP’s doctors a “kickback” for “collaborating” each time a patient gets genomic tests? Does MDVIP inform patients that it has a contract with Navigenics and what each doctor is paid?

• Who is being paid for “collaboration”? What exactly are the financial and contractual terms of “collaboration” between MDVIP and Navigenics?

• Do MDVIP’s patients really understand the risks of using Navigenics to do the testing or the risks of letting Navigenics share their genomic data with unknown researchers and research organizations—that can put their data into public data repositories and publish it in studies? Or the security risks that a particular public repository can be hacked?

• Are MDVIP’s patients coerced into taking Navigenics tests by their doctors? Most patients want to do what their doctors recommend. What is the consent process?

• Did MDVIP contractually sell or give their patients’ genomic data to Navigenics to own or sell? Should the public trust Navigenics, a for-profit corporation, when personal genomic data is a very valuable commodity?

• Should any for-profit collaboration “define the standards in which preventive genomic medicine will be integrated into patient care for decades to come”? No consumer health privacy expertise, assessment, or input was sought.

• There is not yet an operational, trusted, consumer-led privacy certification organization to audit genomic testing corporations to certify they don’t sell genomic data and that consumers control sensitive personal genomic data in their data bases. In the absence of a trusted privacy certification organization, the privacy principles developed in 2007 by the bipartisan Coalition for Patient Privacy or the Code of Fair Information Practices could be used as guides for building a genomic testing and preventive healthcare system that consumers will trust and be willing to use.

• Would MDVIP’s patients still feel “the experience (was) positive”, “empowered rather than anxious”, and “desire to change their lifestyles and more productively work with their physicians” if they knew their doctors were paid by Navigenics and their data was sold and/or put in public data repositories with unknown security and privacy protections?

This blog is in response to the article: Physician network to use genomic-based preventive healthcare

The Health Record Paparazzi is Above the Law and In Bed With Congress

We learned today that all of us are a bit like George Clooney: the Health Record Paparazzi loves a celebrity, but it loves the average American just as well. Instead of intrusive cameras flashing and TMZ taping our every move, we have insurers, employers, hospitals, doctors, pharmacies, drug companies, marketers, creditors and banks digging around for our most personal, intimate information.

HIPAA protects no one, including movie stars. The HIPAA regulations were changed by a Bush appointee in ways that defy the ancient doctor-patient promise that when a patient goes to their doctor, whatever they share will be kept private. No one can make that guarantee anymore. To see the fine print visit Patient Privacy Rights.

Over 4 million individuals and businesses can see and use our health records, without consent and over objections. HIPAA is so broad it is hard to imagine who doesn’t have a legal right to your most personal details.

The Health Record Paparazzi can be stopped — but only by an act of Congress. Right now, Congress is working on legislation that will open up your health records even more. Everyone will have control over your health information except the patient.

We must have federal legislation that guarantees our right to control our most personal information and requires meaningful, enforceable penalties for everyone who shares our information without consent.