Electronic data use in U.S. industries, such as banking, retail, and telecommunications, provides a means by which entities track, store, and manage consumer data. Most Americans do not hesitate when they use their debit or credit card, grocery store saver card, or cell phone; these play a key role in the everyday lives of people. More so, with the increased use of social networking websites and online public blogs, self-generated data regarding people’s daily lives is available electronically. Since most people have traded in personal checks, grocery coupons, and payphones for more convenient alternatives, should the United States adopt this electronic trend with personal health information? The President and Congress think so.
While the White House leadership recently changed, one Presidential interest remains the same; both the current and former President support the goal of having electronic health records (EHRs) for Americans. Most recently, the President vowed to make all medical records electronic by 2014. Also, current federal economic stimulus legislation (American Recovery and Investment Act of 2009) includes at least $20 billion for health information technology (HIT). Although some health experts are concerned these funds could “lead to wasteful spending”, many tout that technology will improve health care quality and reduce costs. So, what’s the big deal?
If the potential commercial value of electronic health record data is not persuasive alone, legitimate concerns about medical identity theft, improper disclosure of personal health information, and digital data breaches exist. For instance, as the EHR is often analogized to a bank account, perhaps increased attention should be placed on this concern, especially in the recent wake of the “largest data breach ever reported”. In light of these risks and overall cultural norms of the health care industry, many patients are interested in securing some health information privacy in the digital age.
While the text of the U.S. Constitution does not explicitly state a right to privacy, the U.S. Supreme Court has recognized privacy to be an unenumerated right. Likewise, some aspects of life are commonly viewed as private including the family, body, and home. Additionally, in Whalen v. Roe, the Court explicitly recognized “the threat to privacy implicit in the accumulation of vast amounts of personal information in computerized data banks.” The Supreme Court has also recognized that “what [a person] seeks to preserve as private, even in an area accessible to the public, may be constitutionally protected.” Nonetheless, not only have courts recognized the privacy of information, but also, Congress has addressed the issue.
Congress has enacted piecemeal information privacy laws to deal with the technological assault on privacy in specific sectors, including the finance and health care industries. However, no federal law exists that uniformly and comprehensively protects the privacy of all health information. Likewise, even with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule, an individual’s health information currently flows freely between covered entities including health care providers, insurance and data clearinghouse companies, and public health officials, without an individual’s consent. While current legislation may establish a federal breach notification requirement, this may not be the best approach to address privacy concerns. Although notification of data corruption, thief access, or loss of health data would allow individuals to take proactive steps to mitigate future harm, the discovery of a breach may be long after individuals suffer reputational damage or physical harm.
Although many Americans participate in the electronic exchange of data on a daily basis and may not consider all personal information private, most people probably have no desire for the entire world to have ready-access to their health data. Hence, in the long-run, if Congress and the President do not strive to protect Americans from threats to health information privacy, patients may not trust the technology and likely will not adopt it. As a result, the U.S. would run the risk of not realizing the goal of nationwide adoption of EHRs; an interest to transform the nation’s health care industry that supersedes partisan lines. Perhaps the Secret Service could help move things along by providing a super-duper top-secret BlackBerry to patients. Then again, people probably would assume governmental tracking and surveillance, challenging the action under the Fourth Amendment.
Comments
Post new comment