http://www.newamerica.net/blog/topics/privacy The taxonomy view with a depth of 0. en http://www.newamerica.net/blog/new-health-dialogue/2008/health-it-not-so-private-view-hhs-3779 <p>Earlier this week we posted our interview about the future of health IT with Carol Diamond of the Markle Foundation. (<a href="/blog/new-health-dialogue/2008/health-3684" target="_blank">Part one</a>, and <a href="/blog/new-health-dialogue/2008/part-two-markle-3688" target="_blank">part two</a>). Today we'd like to point you to <a href="http://thehill.com/business--lobby/qa-with-mike-leavitt-2008-05-07.html" target="_blank"><i>The Hill</i> 's interview with Health and Human Services Secretary Mike Leavitt </a>on the same topic. </p> <p><img src="/blog/files/leavitt_original.jpg" align="left" hspace="5" vspace="5" />Two points struck us. First, neither the article nor the full Leavitt transcript mentions the word &quot;privacy&quot;—a big issue both for policymakers and for the public who keep reading about nosy hospital staff, researchers who do sloppy things like leave laptops with patient records in the car, and thieves who steal credit card numbers and other financial identity information from medical records. Not insurmountable but essential if we're going to get the country on board with health IT. Second, Leavitt really depicted the health IT challenge primarily as a technology question involving interoperability (letting different computer systems talk to each other) while Markle's <a href="http://www.connectingforhealth.org/" target="_blank">Connecting for Health</a> program and conversations with some other experts have made us think about a far broader range of policy challenges that won't be solved only by the computer geeks. </p> <p>We did like that Leavitt pointed out that the electronic medical records (with appropriate privacy safeguards) won't just improve care for individual patients. Properly designed, they will provide a huge data pool for researchers to track public health threats, emerging trends or epidemics, drug side effects and the like as well as do research into what treatments work best for patients. But first we've got to get there. Leavitt sounds optimistic, but we've heard that health IT is just around corner for some time. Let's hope he's right sooner rather than later.</p> http://www.newamerica.net/blog/new-health-dialogue/2008/health-it-not-so-private-view-hhs-3779#comments New Health Dialogue Health IT Privacy Thu, 08 May 2008 18:10:00 -0400 Joanne Kenen 3779 at http://www.newamerica.net/blog http://www.newamerica.net/blog/new-health-dialogue/2008/health-it-crime-and-punishment-please-3546 <p>The <em>Wall Street Journal</em> had a <a target="_blank" href="http://online.wsj.com/public/article/SB120941048217350433.html?mod=2_1566_leftbox">great piece</a> and blog <a target="_blank" href="http://blogs.wsj.com/health/2008/04/29/nosy-hospital-staffers-plague-patients-files/">item </a>yesterday about Health IT and privacy breaches — we would have blogged about it then had we not, coincidentally, been out much of the day with some other think-tankers and foundation folks educating ourselves about that very topic. Among other things, the <em>Journal</em> article made the key point that privacy breaches are rarely prosecuted. That's not the right way to build public confidence in electronic health records. </p> <p>Some 35,000 reports of privacy violations have been reported to the Department of Health and Human Services under HIPAA (Health Insurance Portability and Accountabilty Act) since 2003, but not a single civil fine has been levied,<em> WSJ</em> reported. HHS says several hundred reports of violations have been referred to the Department of Justice for criminal prosecution; about 200 cases have been filed although it's not clear how many of them were under HIPAA.</p> <p>So we were pleased to see the<em> </em><a target="_blank" href="http://www.latimes.com/news/local/la-me-ucla30apr30,1,2997318.story"><em>LA Times</em> report </a>today (Charlie Ornstein's done a lot of good work on this whole phenomenon of <a target="_blank" href="http://www.latimes.com/news/local/la-me-records-sg,0,7797684.storygallery">Hollywood sneaky peeky</a>) that an alleged celebrity snoop at UCLA Medical Center had been indicted for allegedly selling information from medical records of celebrities to the media (apparently the <em>National Enquirer</em>).</p> <p> The paper reported that Lawanda Jackson, 49, could face up to 10 years in prison if convicted of the charge of obtaining individually identifiable health information for commercial advantage. The paper had earlier reported that Jackson had allegedly pried into the private medical records of California First Lady Maria Shriver, Farrah Fawcett, and 60 others. In an April 8 interview with the newspaper, Jackson denied that she had leaked the information or otherwise profited from it.</p> <p>Hospitals can (and should) take multiple steps to make records more secure; for instance, walling off parts of the computerized records so that people can access only what they need to know. But the feds (or state governments) have responsibilities too. Getting electronic records right, from technical, economic, and privacy standpoints, is hard enough. If all the public hears about is breach after breach, snooping, spying, and carelessness (medical records left on a laptop in someone's car trunk...) they aren't going to buy into Health IT. And we need them to; Health IT may not save as much as quickly politicians are promising but it is essential for quality, for coordinated care, for efficiency and for research. So when there's a crime, let's see some punishment.</p> <p>&nbsp;</p> http://www.newamerica.net/blog/new-health-dialogue/2008/health-it-crime-and-punishment-please-3546#comments New Health Dialogue Health IT Privacy Wed, 30 Apr 2008 19:18:00 -0400 Joanne Kenen 3546 at http://www.newamerica.net/blog