HHS head calls for voluntary e-health privacy guidelines

HHS head calls for voluntary e-health privacy guidelines

NextGov, DC, By Bob Brewin, December 15, 2008
 
The head of the Health and Human Services Department called for the health care industry to develop voluntary guidelines to ensure the privacy of patient-controlled personal health records rather than allow the federal government to mandate rules. HHS Secretary Mike Leavitt, speaking Monday at the Nationwide Health Information Network Forum in Washington, said if the government mandated how vendors must protect the privacy of personal electronic health records, then he would not see widespread adoption of e-health records “in my lifetime.” He said the government should develop basic privacy guidelines, but should not establish privacy rules. Government is moving rapidly to adopt e-health records under the belief that moving from paper records to digital ones will improve health care quality and reduce costs. HHS and the Defense Department’s Military Health System recently launched personal health record trials in hopes the projects would jump-start their use nationally. MHS began testing a patient-controlled personal health record program this month. The project provides patients at the Madigan Army Medical Center in Tacoma, Wash., the chance to use online health records programs provided by Google and Microsoft. Last month, the Centers for Medicare and Medicaid Services tapped Google Health, HealthTrio, NoMoreClipBoard.com and PassPortMD to participate in a personal health record trial in Arizona and Utah, which is scheduled to start in early 2009. Leavitt said members of the public should be allowed to choose the level of privacy they want associated with their health records, and they should understand the balance of risks and rewards of sharing either too much or too little health information with a network of health providers. Consumers already have a wide choice of personal health record vendors, he said, and the marketplace develops systems that guarantee the security of sensitive health information. Leavitt developed a set of guidelines to ensure the privacy of personal health records, including sharing health information from personal health records. Patients should be able to identify the clinicians who can have access to their information. A system also should include an easy to read summary of the physicians who received a patient’s information and how it was shared, he said. HHS has started to develop a voluntary tool kit for personal health record vendors that would demonstrate the vendors’ commitment to transparency and security. Leavitt said the tool kit would be available before President-elect Barack Obama is inaugurated on Jan. 20. George Scriban, senior global strategist for the Microsoft health group, said the company has built privacy, strong user controls and transparency into its Health Vault’s personal health record based on serious consumer concerns about the collection, sharing and storage of health information. Health Vault users have explicit control over who can share their information and how it is shared, “and we are very clear that the central tenet of Health Vault is consumer control,” Scriban said.