Wednesday, June 1, 2011
NYT: Breaches Lead to Push to Protect Medical Data
Will electronic record keeping increase the likelihood of breaches of confidentiality?
Here is the beginning of an article from The New York Times by Milton Freudenheim. The article highlights the how the level of carelessness with health information has forced government regulators to increase enforcement, including significant fines. Confidentiality is the cornerstone of our profession. This article heightens awareness about the entire healthcare system, not psychology in particular.
Federal health officials call it the Wall of Shame. It’s a government Web page that lists nearly 300 hospitals, doctors and insurance companies that have reported significant breaches of medical privacy in the last couple of years.
Such lapses, frightening to consumers, could impede the Obama administration’s effort to shift the nation to electronic health care records.
“People need to be assured that their health records are secure and private,” Kathleen Sebelius, secretary of health and human services, said in an interview by phone. “I feel equally strongly that conversion to electronic health records may be one of the most transformative issues in the delivery of health care, lowering medical errors, reducing costs and helping to improve the quality of outcomes.”
So the administration is making new efforts to enforce existing rules about medical privacy and security. But some health care experts wonder if the current rules are enough or whether stronger laws are needed, for example making it a crime for someone to use information obtained improperly.
“The consequences of breaches matter,” conceded Dr. Farzad Mostashari, a former New York public hospitals official who recently became the Obama administration’s national coordinator for health information technology. “People say they are afraid that if their private information becomes known, they may not be able to get health insurance.”
In the last two years, personal medical records of at least 7.8 million people have been improperly exposed, according to the government data. One particularly egregious case involved information about 1.7 million patients, staff members, contractors and suppliers of Bronx hospitals and clinics operated by the Health and Hospitals Corporation, the New York public health agency. Their electronic files were stolen from an unlocked van belonging to a record management company.
The affected patients got the disquieting news that their medical and personal information, like Social Security numbers, had been violated when their health care providers notified them under federal rules.
Showing just how lax security can be, the inspector general of the Department of Health and Human Services said two weeks ago that the agency had found dozens of vulnerabilities in systems to protect records of patients at seven large hospitals in New York, California, Illinois, Texas, Massachusetts, Georgia and Missouri. Auditors cited such problems as personal information that was not encrypted and was stored on computers that could be easily used by unauthorized users.