“Security and Privacy in Electronic Health Records” Peter P. Swire Ohio State University Consultant, Morrison & Foerster, LLP Hospital Wireless Conference July 25, 2005
The Schedule Shift Today • Privacy meeting today with Homeland Security Secretary Chertoff • Planned privacy meeting with HHS Secretary Leavitt • Privacy and security as strategic issues for top leadership
Our Puzzle for Today • Health IT Must Improve Considerably • Often a decade or more behind other sectors • Manila folders behind the nurses’ station • Other sectors – banks, travel, retail? • Inconceivable in today’s market • Perhaps a federal law – manila folders banned from health care providers? • The Gingrich version: “paper kills”
Our Puzzle • Health IT is HARD to Improve • Reimbursement reasons • Medicare, insurers usually do not pay more for good IT • Customers don’t discipline providers on health IT, the way they would banks or travel providers • Quality-of-care ROI is usually easier to show than financial ROI for health IT
Our Puzzle • Health IT is HARD to Improve • Privacy and security reasons • Recent Westin/AHRQ poll • More respondents worried about privacy & security than favored new use of electronic health records • Polls and focus groups • Risks are top-of-mind to consumers • Benefits are much less evident
Overview • HIPAA and my background • Electronic Medical Records, Connecting for Health & David Brailer • National health IDs vs. a linking approach • IT progress together with security and privacy
I. HIPAA and Health IT • HIPAA statute in 1996 • The political engine was transactions • Early 1990s and no agreement on standards • One HIPAA client paid in > 2000 formats • Statute said standards for electronic payments • My sense – improvement, but harder to get standard implementation than was hoped
HIPAA and Health IT • Privacy and security came with new health IT • Political realization that patient records would be electronic for payment purposes • HIPAA statute said build in privacy and security at the same time as ramp up the level of electronic payments • That makes sense – upgrade (for transactions) easiest time to upgrade for security and privacy
HIPAA Privacy • Congress gave itself until summer, 1999 to write a medical privacy statute • When it couldn’t, Administration required to issue a privacy rule • WH Coordinator for Oct. 99 proposed rule • 53,000 public comments • Final privacy rule Dec. 2000
HIPAA Privacy After 2000 • After Jan. 2001, political effort to cancel HIPAA privacy • President Bush overruled his advisors, and kept it • 2002 final privacy rule mostly the same as 2000 privacy rule • HIPAA security was delayed, but now in place
Looking Back on HIPAA • Much of it good practices that had not necessarily been built in previously • Some was bureaucratic overkill • One criticism since 2001 – much less outreach and guidance than planned • Another criticism – no enforcement yet, with risk that those who comply will lose faith in the system
II. EMRs, Markle & Brailer • Next, beyond electronic transactions to electronic medical records (EMRs) • A great resource – Markle Foundation’s Connecting for Health Project • www.markle.org: Roadmap & other docs • I’ve been involved in 3 working groups of it • Currently, my focus is on authentication for patients and system users
Markle & HHS • Spring, 2004 – Pres. Bush announces Dr. David Brailer as “Health IT Czar” • Brailer had been chair of a Markle committee • Great background on health care economics, health IT • New HHS Sec. Leavitt was on Markle committee, is making health IT one of his signature issues
Where We Are Today • Markle and numerous stakeholders • HHS – Leavitt & Brailer • Congress – Newt and Hillary become best friends • BUT, some health care stakeholders are unconvinced: • Doctors, reimbursement & data input challenges • Consumers and fears on privacy/security • Interconnection challenges and fear that early adopters won’t get paid for their efforts
III. Health ID v. Linking • A key issue in EMRs is whether to have a national health ID • Most doctors and techies initially assume that it is appropriate and necessary • My argument here is that it is a bad idea and that a “linking” or “record locator service” approach is feasible and better policy
National Health IDs • The attraction is the idea that records from home, work, and travel all can be matched by tagging them with a unique identifier for each patient • Most providers use a unique identifier, such as SSN, in their own system – why not use it across systems? • Most plans have envisioned national ID and a central EMR repository
The Politics of Health IDs • Unique patient IDs were actually required in the 1996 HIPAA statute • Supported by many vendors and system owners • By 1998, Clinton Administration said no health IDs unless strong privacy & security in place • Bush Administration has confirmed that there will be no such IDs for patients • Moral – huge political opposition to the idea • Waiting for health IDs means waiting a long time
The Markle Linking Alternative • Create a Record Locator Service (RLS), not an EMR central database • The RLS authenticates based on demographic, not clinical, data • Federated – decision at the edges whether a record is listed on the RLS • E.g., substance abuse & HIV may not be listed
Advantages of RLS Approach • Avoids single point of failure of central EMR database – the data breach problem • Control at edges • Patients can opt out • Providers can decide what (not) to link • Graceful transition from current system • No required new data field for health IDs • No “rip and replace” • In sum, privacy & security built in
The State of Play on RLS • Current Markle work on • Model contract for participants (RHIOs) and their participants (such as small practice groups) • Policies and procedures – the big picture for communities who are interested • FAQs for deeper technical dives on hard issues • E.g., scoring & procedures for authentication • Test interchange: Indiana and Boston
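The linking approach from the preceding slides, sketched as an added example that is not part of the talk or of Markle's materials: the RLS stores only demographics and pointers, matches by a demographic score instead of a national ID, and leaves listing and opt-out decisions at the edges. The class names, field names, weights and threshold are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed weights (sum to 100) and threshold; real scoring is a policy decision.
WEIGHTS = {"last": 35, "first": 20, "dob": 35, "zip": 10}
THRESHOLD = 80
SENSITIVE = {"substance_abuse", "hiv"}  # categories an edge may choose not to list

def norm(demo):
    """Normalize demographic fields so formatting differences still match."""
    return {k: str(demo.get(k, "")).strip().lower() for k in WEIGHTS}

def score(a, b):
    """Weighted agreement (0-100) between two demographic records; no health ID."""
    a, b = norm(a), norm(b)
    return sum(w for k, w in WEIGHTS.items() if a[k] and a[k] == b[k])

@dataclass
class RecordLocatorService:
    """Holds demographics and pointers only; clinical data stays at the edge."""
    entries: list = field(default_factory=list)    # (demographics, provider_id, record_id)
    opted_out: list = field(default_factory=list)  # demographics of opted-out patients

    def publish(self, demo, provider_id, record_id):
        if any(score(o, demo) >= THRESHOLD for o in self.opted_out):
            return False                           # patient opt-out is honoured
        self.entries.append((norm(demo), provider_id, record_id))
        return True

    def locate(self, demo):
        return sorted((p, r) for d, p, r in self.entries if score(d, demo) >= THRESHOLD)

    def opt_out(self, demo):
        self.opted_out.append(norm(demo))
        self.entries = [e for e in self.entries if score(e[0], demo) < THRESHOLD]

@dataclass
class Provider:
    """An edge system: keeps the clinical record and decides what to list."""
    provider_id: str
    withhold: set = field(default_factory=lambda: set(SENSITIVE))
    records: dict = field(default_factory=dict)    # record_id -> (demo, category, clinical)

    def add_record(self, rls, record_id, demo, category, clinical):
        self.records[record_id] = (demo, category, clinical)
        if category in self.withhold:              # edge decision: keep it off the RLS
            return False
        return rls.publish(demo, self.provider_id, record_id)
```

A copy of `rls.entries` taken by an intruder contains demographics and record locations but no diagnoses, which is the single-point-of-failure argument in concrete form.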
IV. Privacy, Security & EMRs • Must be credible on privacy & security or the benefits of EMRs will be undermined • The architecture must be secure • Centralized databases, even for sophisticated financial data, have been publicly breached • Health care is unlikely to be (or to be seen as) doing better than banks, who have centuries of practice in guarding the money • Many consider medical data more sensitive than financial data
Some Privacy Basics • Goal should be to improve patient privacy & security in shift to EMRs • Safeguards must be explainable to public • Patient access to linking system (what’s in the system?) and means to correct (those aren’t my records) • Access in HIPAA and FCRA • Patient opt-out from the system, working with providers
Mission Creep & EMRs • Many stakeholders will push for access to linked identities and records: • Health quality measurements • Cost controls • Bioterrorism & law enforcement • Medical research • Marketing research • Not all those who want the data should get it • Model contract for linking will address these issues
Enforcement • Looking ahead, I believe that enforcement against bad actors should occur, while good faith efforts by data holders should not receive enforcement • To date, 0 civil enforcement actions for 13,000 complaints to the Office of Civil Rights • Recently, DOJ opinion that criminal laws do not apply to most employees of covered entities • The right level of enforcement is not zero • The system should be credible, without chilling much-needed sharing of EMRs for legitimate uses
Conclusion • EMRs as the health IT challenge for the next decade, following the ten-year cycle since HIPAA was enacted • Privacy & security concerns for consumers often outweigh the perceived benefits • Strategic challenge for health IT professionals and the entire sector on how to use health IT consistent with the public’s concerns
In Closing • As you build your health IT systems, imagine your own records and those of your family being in the infrastructure • Can you say with confidence to your family that their records are secure and confidential? • For substance abuse, psychiatric records, HIV, and other extra-sensitive data? • That’s the standard we should apply to our systems – that each patient’s data is held the way we want our own data to be treated
In Closing • That’s the high-tech version of the Golden Rule • Do unto others’ data as you would have them do unto you • Thank you.
Contact Information • Peter P. Swire • Consultant, Morrison & Foerster, LLP • Phone: (240) 994-4142 • Email: peter@peterswire.net • Web: www.peterswire.net