Thursday, January 28, 2010

Forbes: The Next Health Care Debate: Digital Privacy

This is a well written article about the 'latest' healthcare privacy survey. This is yet another survey that shows that the general public 'answers surveys as if they don't trust anyone'. I put that in quotes not because it is a quote, but rather that I wonder just how the questions were asked. There is a big difference between answering a survey that is clearly intended to get you angry about privacy, and actions. I don't think that we will know how this will stack up over the years. Meaning we need to wait to see what the general public actually does.  We know that the general public is very happy using web sites that clearly track their behavor.
As President Obama has learned over the last year, Americans tend to get angry when you try to fix the country’s dysfunctional health care system. But even as the national debate over universal coverage drags on, there's another sticky issue ahead for health reform: digital privacy.

In a study released Monday by the privacy-focused Ponemon Institute, Americans registered a deep distrust of anyone in either the federal government or private industry who might store digital health records like those that the Obama administration has encouraged hospitals to create. Of the 868 Americans surveyed about their views on digitizing and storing health records, only 27% said they would trust a federal agency to store or access the data--the same percentage as those who would trust a technology firm like Google, Microsoft or General Electric.
That distrust, says the Institute's director Larry Ponemon, could represent a roadblock to the Obama administration's push for electronic health records, backed up by $19 billion in grants included in the economic stimulus package passed last February. "The takeaway message is that people still care about privacy," says Ponemon. "There's a lot of angst around centralizing this information, no matter whether it's managed by private enterprise or government."
A key finding  (bold is my emphasis)

In fact, 71% of respondents to Ponemon's survey were amenable to letting hospitals, clinics or physicians store their health records. And 99% said a patient's own doctor should be able to access his or her digital health records stored in a national system. But only 38% said that a federal government agency should be able to access those records, and only 11% thought that private businesses should have access.
The mechanisms that HITSP has been identifying, NHIN implementing, HIT-Standards selecting, and Meaningful Use driving toward are not necessarily going to 'give' anyone the rights to access. Those rights need to be authorized. This authorization is part of overall governance, which is a part of Federal policy making; but is also a factor of the Privacy Policies that the patient goes into. Patients need to be very careful to read these policies and push-back when they say something unreasonable. Most Privacy Policies have allowed the patient to completely opt-out. That said, I am sure that the exclusions found in HIPAA around legal mechanisms will very likely continue and with Homeland-Security privacy 'rights' will continue to decline.

The whole article