111th Congress, 2009-2011
Congress must give patients the power to decide who can see, share and sell our most sensitive information on earth — our health records. Americans deserve both progress AND privacy. We need a full public debate and roll call vote on any Health IT legislation.
- Grants individuals the right to opt out of any federal electronic system that tracks/stores medical information
- Requires informed consent for the sharing of electronic medical records (for federal programs)
- Prohibits health information from being placed in a federally mandated, created, or funded electronic system without a patient’s written, informed consent
- Repeals the authority of the Secretary of Health and Human Services to adopt standards for the creation of a unique health identifier
- Prohibits the use of federal funds to support, encourage, or otherwise promote the use of standard unique health identifiers in any federal, state or private healthcare plan
- States that the federal government may not require a healthcare provider to participate in any federally mandated, created, or funded electronic system of maintaining healthcare information.
May 2009: By ordinance of the American Recovery & Reinvestment Act of 2009 the Health IT Policy and Standards Committees have been formed and began meeting. The HIT Policy Committee will make recommendations to the National Coordinator for HIT on a policy framework for the development and adoption of a nationwide health information infrastructure. The HIT Standards Committee will make recommendations to the National Coordinator for HIT on standards, implementation specifications, and certain criteria for the electronic exchange and use of health information. Learn more about duties and members of the HIT Policy Committee and HIT Standards Committee.
3/20/09: The Department of Health and Human Services has named David Blumenthal, MD, MPP the National Coordinator of Health Information Technology.
2/17/09: On February 17, 2009 President Barack Obama signed the American Recovery & Reinvestment Act into law. Over $19 Billion is included in this bill to promote health IT, and overall, it is a positive step forward. The privacy protections congress passed are the first major step towards safeguarding our basic, fundamental rights to keep our health matters private in federal law. You can view the final version here. This new law:
- Prohibits the sale of our medical records without consent. There are exceptions for research, public health and treatment.
- Limits marketing.
- Requires any entity using an EHR (covered entities and business associates) to keep an audit trail of all people and organizations with whom they share your information.
- Requires the policy committee to consider setting standards for technology systems to segment sensitive information so we can easily keep an x-ray tech from seeing our pap smear results.
- Requires the policy committee to consider setting standards for encryption of data.
- Increases monetary penalties for violations, grants Attorneys General authority to file suit on behalf of a state’s citizens, requires monitoring of contracts and reporting on compliance.
- Grants funds for non-profits to participate in the regulatory process.
- Requires breach notification.
Please check this page for a detailed analysis of this bill over the next few weeks. We made significant progress, but now is NOT the time to pack our bags and go home. More work is needed. PPR will be working on the finer details of this law as regulations are drafted and sections are enacted.
2/13/09: The House and Senate have released the compromise bill. The portion covering health IT and privacy can be found here. PPR continues to evaluate the new language. However, we are pleased to see that many of the stronger consumer provisions in the House passed bill are included in this version. The House is scheduled to vote today with a Senate vote likely in the next 24-48 hours.
2/10/09: Senate: The Senate has passed their version of the American Recovery & Reinvestment Act, S. 1. You can view the full bill in its final form here. The Senate weakened some of the privacy provisions that were included in the House bill.
1/29/09: House of Representatives: On January 28th, 2009 the House approved (244 188) this $825 billion economic stimulus bill. The bill includes $20 billion to promote health IT. While not perfect, many privacy protections we have fought so hard for have been built into this bill. The bill includes:
- A ban on sale of protected health information in electronic medical records and limitations on marketing
- Audit trails of all electronic health record transactions, encryption requirements, and rights to electronic copies of our records
- Requires the Secretary to revisit and narrow the definition of “health care operations”
- Improved enforcement provisions such as breach notification, required periodic audits, state attorneys general enforcement, a compensation scheme for privacy victims and applying security privacy provisions and penalties to business associates
- Ensuring taxpayer dollars go only to funding systems that are capable of segmenting specific and sensitive information
- Funding for consumer advocacy groups and not for profit entities to participate in the regulatory process.
You can view the full House bill here.
- PPR Letter of Support for the “HITECH Act”
1/19/09: While we would like to see additional privacy protections, we believe the efforts in the House move us much further forward to protecting our private health records. You can read PPR’s letter of support highlighting a number of the key provisions here. You can read the Coalition for Patient Privacy’s 1/14/09 letter to Congress here.
“You have taken critical steps to protect Americans’ jobs and opportunities with the privacy protections incorporated into the Health Information Technology for Economic and Clinical Health Act, or “HITECH Act.” This legislation addresses many of the issues that the Coalition for Patient Privacy, representing millions of Americans, brought to your attention. We stand ready to fight with you to protect consumers and ensure that our most intimate information, our health records, is ONLY used to improve our health.“
- “HITECH Act”
1/16/09: The Health Information Technology for Economic and Clinical Health Act, or “HITECH Act” has been posted. This bill supplements the House’s American Recovery & Reinvestment Bill to include privacy protections and guidelines for health IT. You can view the bill here and the summary of the bill here.
12/19/08: An industry “Confidentiality Coaltion” boldly came forward recommending that NO privacy or consumer protections be included in the health IT bill. Giving for-profit corporations (that have a legal duty to their shareholders to make money) a blank check for health IT will create a goldmine of information that can be used to increase profits, promote expensive — no necessarily more effective — drugs, cherry pick and market. Read Patient Privacy Rights letter to Congress (12/23/08) and our press release. The “Confidentiality Coalition’s” letter is linked here.
- PPR Joins 100 Organizations in a Healthcare Reform Letter to President Elect Barack Obama
One of the consequences of a loss of privacy is that personal health information is used to deny insurance. PPR supports the call for health care reform and efforts to change a system that denies health care to those who need it. We will continue to advocate for privacy in health care, as it is essential to our ability to attain work, wealth and well being. View the letter here. Tell your senators to include privacy in healthcare reform.
- Obama On Privacy
Click here to see where President Barack Obama stands on health privacy. We gathered this information during his Presidential Campaign from interviews, debates, his campaign website and more.