|
|
|
|
|
III of X. Sense and Consequence - HIPAA
This entry was posted on 3/4/2008 9:20 AM and is filed under uncategorized.
2 March 2008
III of X. Sense and Consequence - HIPAA
In my 7 October 2007 entry, "Accounting for the Fissures of this Disjointed Reality," I wrote on HIPAA and the move by Microsoft to make a patient's medical information available online:
"Through HealthVault, Microsoft is planning to further this direction by providing "a secure, encrypted database" for the storage of an individual's "personal health record" (Steve Lohr, "Microsoft Rolls Out Heallth Records", The New York Times, 4 October 2007). Through its database, Microsoft "hopes that individuals will give doctors, clinics and hospitals permission to directly send into their HealthVault record information like medicines prescribed or...test results showing blood pressure and cholesterol levels." On this front, however, there is critical need for pause.
On 21 August 1996, the 104th Congress passed into public law the Health Insurance Portability and Accountability Act (HIPAA) to (among other things) "combat waste, fraud, and abuse in health insurance and health care delivery" and above all, "to ensure the integrity and confidentiality of the information; to protect against any reasonably anticipated threats or hazards to the security or integrity of the information; and unauthorized uses or disclosures of the information" (Public Law 104-191).
If the need for privacy of personal information and the handling of such information by medical and healthcare professionals were identified as so crucially necessary that a law and protocols with that law had to be executed into effect with the threat of legal ramifications if so violated, why would a proposed database against that law be so quickly proposed?
Although Microsoft explains that the database will be secure and encrypted, have we not learned the lessons of the agile hacker mind? There are countless cases and a cornucopia of ocular proof that information - especially on the net - is a 'sitting duck' in hacker territory. To offset the possibility of data corruption, Peter Neupert, VP of Microsoft's health group, makes the analogy to online banking that initially met with privacy worries and is today mainstream. I beg to differ.
There are still many who are justifiably hesitant to disclose their financial information online - can we say, "identity theft"? So no, banking is NOT mainstream.
Banking aside, if financial information is hacked into, it can be reversed and corrected. Banks and credit card companies anticipate hackers and identity thieves so much so that they have swift and effective protocols in place to correct the fraudulent activity. However, when personal information - health or otherwise - is hacked into, there is no corrective reversal. The information is the key. To disclose that information to anyone other than the patient or medical/healthcare professional it is intended for is the irreversable violation and infringement that HIPAA sought so painstakingly to safeguard."
The problems I pointed to were obviously tossed aside because AT&T and the state of Tennessee will "provide the country's first statewide system to electronically exchange patient medical information" (Erik Schelzig, "AT&T, Tenn. Create Medical Info Exchange," Associated Press, San Francisco Chronicle, 25 February 2008).
Oh, and not to overlook the problems of financial information being made available online, UC Berkeley's Center for Law and Technology just released a report ranking Bank of America as the top bank in complaints of identity theft (Deborah Gage, "Banks, phone copanies identity-theft targets," San Francisco Chronicle, 28 February 2008). Unfortunately, taking the second and third ranking on the list are AT&T and Sprint/Nextel, respectively. In summation then, AT&T is the second-ranked company with complaints of identity theft and AT&T is undertaking to have patient medical information available electronically in the whole state of Tennessee. For all those in Tennessee, be worried, be very very worried...
The direction and consequence of moving forward without respect to common sense is increasingly fatal compounded by the fact that it is occurring in every sector affecting the individual, his freedoms, his safety, and his right to life on this planet...take heed...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
