Citing lack of progress, the deputy director of the nonprofit Health Privacy Project resigned as co-chair of a federal committee charged with advising the government on privacy issues in electronic health information.
In an open letter to the health IT czar, Health Privacy Project Director Janlori Goldman and Deputy Director Paul Feldman said they were unable to continue their work on a subcommittee of the American Health Information Community. AHIC, which consists of industry leaders as well as representatives from large government groups, was created to advise the Department of Health and Human Services on market-driven ways to better use information technology to improve health care and cut costs.
From the start, the subcommittee seemed an afterthought. Though AHIC held its first meeting in October 2005, the Confidentiality, Privacy, and Security Workgroup, or CPS, was only instituted in the latter half of 2006.
The committee met six times since August 2006 and drafted recommendations to help ensure that health information was released only to authorized individuals. In their letter, Feldman and Goldman implied that AHIC was pushing health IT forward without considering necessary policy issues.
The letter cited a report from the Government Accountability Office that criticized HHS for not having a clear, comprehensive policy for patient privacy issues. Interim health IT coordinator Robert Kolodner openly disagreed with the GAO report, saying that health IT issues were too nascent for clear policy guidelines to be set.
Though the letter applauded the goals of a national health information network, the directors wrote that "We have determined we are unable to continue given that the workgroup has not made substantial progress [toward] the development of comprehensive privacy and security policies that must be at the core of a nationwide health information network (NHIN)."
The letter also stated that they would be willing to advise the Office of the National Coordinator of Health Information Technology to "ensure privacy and security policies and practices are at the core of this nations e-health initiatives. Without such an assurance, people will continue to be subjected to discriminatory and unnecessary risks to their privacy and will be made vulnerable to job and benefit losses."