Data Privacy Issues Still Plague E-Health Record Efforts

Lora Bentley

How to keep sensitive patient data private while meeting the federal e-health records mandate was an issue central to last week's Computers, Freedom and Privacy conference. And though the question has been debated for years, health care providers, insurance companies and other organizations subject to the Health Insurance Portability and Accountability Act will have to wrap up that debate soon. reports that the Department of Health and Human Services is gathering public comment on e-health record privacy protections and will release its rules by the end of the year.


Provisions in the American Recovery and Rehabilitation Act of 2009 amended HIPAA to apply its privacy and security requirements to providers (like Google and Microsoft) that offer personal health portals, but exactly how that application is going to look, and what it's going to mean for those providers is still unclear. Frank Torres, Microsoft's director of consumer affairs, says simply, "The business community would appreciate some more certainty."


Most e-health portals depend on patient control of the information that goes in and out, but they will only work if patients are honest about their records. The other sticky issue, according to Blue Cross/Blue Shield Association managing director Joel Slackman is how to remain compliant with the various state laws addressing patient privacy given that some of them conflict. "You don't even know that a law's conflicting until it smacks you in the face, sometimes," he says.

Add Comment      Leave a comment on this blog post
Jun 12, 2009 4:02 AM Jerry Baxley Jerry Baxley  says:

Data Privacy will always be an issue because of the nature of the infrastructure over which these records will travel.

Under the current plan a EHR might have to travel over several different networks, which can't support the necessary privacy protocols the Department of Health and Human Services are trying so hard to define.

The answer is a new network built to carry the increased traffic expected from EHR's and the images they will have with them. Many might say that is unrealistic and impossible, but a small company in Alabama has spent two years researching this very question and are getting ready to begin construction on such a network.

At the heart of this network will be a large computing and data storage facility, whose construction and privacy will exceed any projected certification by any agency.

As at least these guys are trying to do it right

Apr 5, 2011 4:05 AM alex alex  says:

Data privacy is always an issue, but bureaucracy is also another issue. If the policy is right, then these networks will simply improve peoples lives and i think that it's the right way.


Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.