May 04, 2006

Privacy and Digitizing, Networking Health Care Records

The issue of digitizing and networking medical records has appeared in various panels at the Computers, Freedom and Privacy 2006 conference that I have been attending.

Here is some info on the Canadian initiative.

And here is a US patient privacy rights website on some of the privacy and security implications of what has been happening in the US.

This is something that very few people are aware of, particularly the security and privacy implications. Who gets to access such a database? How are those people authenticated? Can they download and save information to local computers? How are those computers secured? Can they print out information? Can I access my own information? How do I authenticate myself? If I think there are errors in my information, can I correct them? How? How are patients identified? Is there a common identifier across all of a person's records, or are there firewalls between various sorts of data? Can my dentist access what my gynecologist can access? Can insurance companies access that data? Can other branches of the government? The police? Are warrants required? Where is the data hosted? If it's in the US, other laws may apply, and the US government may be able to access that data secretly using anti-terrorist directives... It goes on and on.

One panelist said hey, forget it, the insurance companies already know all this stuff about all of us....

Posted by Paul at May 4, 2006 11:14 AM