The proposed federal rule to create and exchange electronic health records without patients? consent threatens Americans? health privacy, warns the Institute for Health Freedom. Patients? consent is not required before their personal health information is compiled and shared electronically for many purposes. For more details click the following link:
http://www.forhealthfreedom.org/Newsletter/March2010.html
As noted, patient consent would not be required before personal health information is shared for many purposes. That is because EHRs will be governed by the HIPAA privacy rule, which permits such information to be shared, without consent, for purposes related to, among other things, treatment, payment, and health-care operations.
"Health care operations" is a catch all that lets MANY different people get into your records. That term is on every consent form you sign at any Dr's office or hospital when you get treatment.
Thus, under the HIPAA privacy rule, individuals do not have the final say over whether their personally identifiable health information?including genetic information?is shared with more than 600,000 health-related organizations.
Importantly, another federal rule establishing standards for certifying EHRs does not provide strong enough security protections, according to John Moehrke, a principal engineer specializing in standards architecture in interoperability, security, and privacy for GE Healthcare, who wrote in a blog post titled ?Meaningful Use Clearly Does Not Mean Secure Use?:
It will also generate lists of patients by specific conditions to use for quality improvement, reduction of disparities, research and outreach.
NO OPT-IN or OPT-OUT PROVISIONS.
ANYONE WILL BE ABLE TO ACCESS YOUR INFO as long as they work or can get into the system.
"Moreover, without providing for opt-out and consent provisions, EHRs could lead to reduced quality and increase the costs of health care. This is because studies show that without true privacy rights, patients won?t be forthcoming about personal details and, therefore, incur further expenses in getting, or avoiding, care."
I plan writing my Federal officials about this matter.
http://www.forhealthfreedom.org/Newsletter/March2010.html
As noted, patient consent would not be required before personal health information is shared for many purposes. That is because EHRs will be governed by the HIPAA privacy rule, which permits such information to be shared, without consent, for purposes related to, among other things, treatment, payment, and health-care operations.
"Health care operations" is a catch all that lets MANY different people get into your records. That term is on every consent form you sign at any Dr's office or hospital when you get treatment.
Thus, under the HIPAA privacy rule, individuals do not have the final say over whether their personally identifiable health information?including genetic information?is shared with more than 600,000 health-related organizations.
Importantly, another federal rule establishing standards for certifying EHRs does not provide strong enough security protections, according to John Moehrke, a principal engineer specializing in standards architecture in interoperability, security, and privacy for GE Healthcare, who wrote in a blog post titled ?Meaningful Use Clearly Does Not Mean Secure Use?:
It will also generate lists of patients by specific conditions to use for quality improvement, reduction of disparities, research and outreach.
NO OPT-IN or OPT-OUT PROVISIONS.
ANYONE WILL BE ABLE TO ACCESS YOUR INFO as long as they work or can get into the system.
"Moreover, without providing for opt-out and consent provisions, EHRs could lead to reduced quality and increase the costs of health care. This is because studies show that without true privacy rights, patients won?t be forthcoming about personal details and, therefore, incur further expenses in getting, or avoiding, care."
I plan writing my Federal officials about this matter.
