Protecting Privacy with Technology
The same technology could protect patient privacy, Baker said: "A DRM policy applied to an electronic health record might enable an insurance company to view those portions of the record necessary for coverage authorization purposes, but not allow the record to be saved on the companys server." Such technology should also be able to alert patients who has accessed what information. Another relevant technology is sold by StoredIQ Inc. The companys software analyzes the content of files and email to determine whether they contain information protected by the Health Insurance Portability and Accountability Act. Such files could only be stored and shared according to an organizations official policy, a practice that StoredIQ said will protect against careless and unscrupulous employees.The national health information network must be set up to protect against discriminatory practices and unlawful use and access of information, said Don Mon, vice president of industry relations at AHIMA (American Health Information Management Association). "We must protect the privacy and security of a patient by building it into an infrastructure, by using authentication, and [by releasing] only that info that the patient consents to be released; then the system protects itself." Tony Higgins, a former health information consultant who has lived in the United Sates and Canada, goes further: "EHR (Electronic Health Record) content viewing must be limited to those to whom the individual has given explicit permission, and those persons must be members of the medical services community. No banks, no employers, nobody else." To read a column on what is vital to health IT, click here. Of course, adds Higgins, another way to protect the public is to limit the consequences of what might happen to patients if information is shared, namely being denied benefits. "Universal healthcare insurance that cannot be cancelled, capped, or denied to any legal resident will completely eliminate the threat posed by the EHRs contents being seen within the medical community." Or to approach the problem from still another angle, as one of my readers wrote in, "One way to ensure that loopholes are closed and information is disseminated correctly is to require that ALL Federal government employees must participate during the life of the program. This means the President, Cabinet, Congress, agency appointees, etc. If theyre forced to use it, they will either guarantee a quality product or scrap the idea." Check out eWEEK.coms for the latest news, views and analysis of technologys impact on health care.