Abbott’s Privacy Rights Proposals Draw Attention

“Attorney General Greg Abbott‘s support for more stringent privacy laws is getting some notice, as privacy rights activists say his proposals would lead to more protections for Texans. But concerns tied to the enforcement of the proposed policies are also being raised.”

To view the full article, please visit: Abbott’s Privacy Rights Proposals Draw Attention

 

Helmet cams raise privacy, liability concerns

“Every time Austin Fire Department Engine 20 rolls toward an emergency call, firefighter Andrzej Micyk straps on a bright yellow helmet to protect himself from heat and falling debris…and a tiny, high-definition video camera that captures…every move — from how he interacts with the public to what he does to gain control of an inferno.”

To view a video the Statesman published with this article, click here

To view the full article click here


Comments from Dr. Peel: “Other major national fire departments ban helmet cams. The Austin TX Fire Dept has no policy about personal helmet cams. The key problem for the public is firefighters often respond to medical emergencies. Should someone with a heart attack or suicide attempt end up on YouTube?”

“This story raises questions about citizens’ rights to health privacy that are similar to the problems that occur when hospital and emergency room employees use cell phones to take pictures of patients.” See recent example: http://abcnews.go.com/Health/woman-sues-hospital-sticker-prank-surgery/story?id=20204405

“In a different context, police cars use video cameras to document encounters with citizens who are potentially breaking the law. In this case, videos serve a very different purpose and protect both citizens and members of the police.”

 

An American Quilt of Privacy Laws, Incomplete

The MOST “incomplete” US privacy law is HIPAA, which eliminated Americans’ rights to control the collection, use, disclosure and sale of their health data in 2001.

The new Omnibus Privacy Rule did not fix this disaster. It made things worse by explicitly permitting health data sales for virtually any purpose without patients’ consent or knowledge. These new regulations violate Congress’ intent to ban the sale of health data in the 2009 stimulus bill.

In addition to not being able to control personal health information Americans have no ‘chain of custody’ for their health data, so there is no way to know who is using or selling our health data.

We need a data map to track all the hidden users and sellers of our personal health information, from our DNA, to our diagnoses, to our prescription records:

  • -Watch Professor Sweeney describe the Harvard Data Privacy Lab/Patient Privacy Rights research project to track hidden users of our health data at: http://patientprivacyrights.org/thedatamap/
  • -WE NEED A DATA MAP TO SHOW THE GOVERNMENT IT’S TIME TO FIX THIS PRIVACY DISASTER!

Attend or watch the next health privacy summit June 5-6 in Washington, DC to learn about these urgent health data problems and potential solutions:

Re: Big Changes Coming in EU Privacy Law

Regarding the article in the Genomics Law Report: Big Changes Coming in EU Privacy Law

The new EU standards for data privacy apply to health data and require the level of personal control over health data and informed consent that Americans expect from electronic health systems, but don’t have. US companies doing business in the EU will have to comply with these tough new privacy protections in a year or face penalties. If companies can build privacy-protective systems there, why not here?

Quote:

  • Companies doing business in the EU must prove “every subject has given consent for the processing of their data for specified purposes. Consent is defined as “any freely given specific, informed and explicit [emphasis added] indication of will,” and can be withdrawn at any time. The subject will also have a controversial “right to be forgotten and to erasure.” This means that when the subject withdraws consent or “the data are no longer necessary” for the purposes for which they were collected, the company must render the data inaccessible, including on the Internet.”

Americans feel the exact same way the European public feels; they too want ethics-based systems that comply with longstanding rights to health privacy.

Since US companies will have to comply with strong patient privacy rights in the EU, they could obviously do the same in the US. Unless the US builds in the same strong patient protections, research comparing electronic health records in the US and EU will be impossible.

The Administration should use the EU example to move forward and require US electronic systems and data exchanges be built to comply with Americans’ longstanding rights to control the use of personal health information.