Sunday, October 31, 2010

Obama Administration Receives Harsh Reviews in 2010 Report Card

The Electronic Privacy Information Center (the other EPIC) has graded the Obama Administration harshly this year. It could be viewed that they were simply too generous last year, when we were told how wonderful things would be. I do agree that this year I am less excited about the Privacy policies of the Obama Administration and those promulgated by the Obama Administration. But then I also am close enough to the sausage making to know why things are not as rosy as we all would want them to be.

I have asked for more specific security to be included in Meaningful Use (that Meaningful Use Security Capabilities are Lacking, Privacy Capabilities NON-existent), and for them to include even simple Opt-In/Opt-Out capability (Stepping stones for Privacy Consent).  I know that these are not included today because of a need to push the market space slowly. I however am very concerned that an HIE built with out privacy controls, may never get them. The Consent Management using HITSP TP30 is not a difficult to implement system, and it is designed to grow to more comprehensive consent policies.

I do think that this past year far more has been done about Privacy in Healthcare than all the past decade. There is far more visibility of the issue, and privacy advocates and subject matter experts are far more common. A huge step in the right direction was the posting of USA healthcare breach notifications. 
Now that there is a way to publicly shame organizations, we are seeing more interest in implementation of Security and Privacy.

In a special event as part of the Privacy 2010 Campaign, the Electronic
Privacy Information Center (EPIC) has released the 2010 Privacy Report
Card for the Obama Administration. The Report Card focuses on
developments over the past year in the areas of medical privacy, civil
liberties, consumer protection, and cyber-security.

The report card was formerly unveiled at the Mott House, on Capital
Hill. EPIC's executive director, Marc Rotenberg, briefly discussed the
grades from 2009 and the rationale for the new marks. 2010 grades
include two B's (medical privacy and cyber-security), a C (consumer
privacy), and a D (civil liberties). These were significant drops from
2009, when the Administration received an Incomplete (consumer
privacy), an A- (medical privacy), a B (cyber-security), and a C+ (civil
liberties).

EPIC: Privacy 2010 Campaign Platform

EPIC: Privacy 2010 Facebook Cause Page

EPIC: 2009 Privacy Report Card

EPIC: 2010 Privacy Report Card