New privacy guidelines for e-health records announced
The Department of Health and Human Services this week released new privacy guidelines (PDF) for electronic health records, the use of which President-elect Barack Obama has promised to support as part of his plan to jump-start the economy.
The use of electronic medical records could reduce costs and medical errors while potentially improving the quality of care patients receive, advocates say, but the level of new privacy standards needed for e-health records has been a matter of debate.
"Consumers need an easy-to-read, standard notice about how their personal health information is protected, confidence that those who misuse information will be held accountable, and the ability to choose the degree to which they want to participate in information sharing," HHS Secretary Mike Leavitt said Monday.
The eight principles established in the guidelines are intended to facilitate the adoption of e-health records by providing a consistent approach to questions of privacy and defining the responsibilities of those who have access to e-health records and share them through a network. The principles address issues of patient access; correction of records; openness and transparency; patient choice; limitations to the collection, use, and disclosure of personal health information; data integrity; safeguards; and accountability.
The HHS Office for Civil Rights also published new guidance documents explaining how the Health Insurance Portability and Accountability (HIPAA) Act can facilitate the exchange of information through e-records.
Privacy advocates at a meeting with Obama's transition team on Tuesday brought up the need for more stringent privacy standards for medical information. However, some members of the software industry, which strongly supports the adoption of e-health records, have said the HIPAA Act may provide sufficient privacy safeguards.
The new HHS guidelines state that "although the HIPAA Privacy and Security Rules apply to health information in electronic form, the current landscape of electronic health information exchange poses new issues and involves additional organizations that were not contemplated at the time the rules were drafted."
Stephanie Condon is a staff writer for CNET News focused on the intersection of technology and politics. She is based in Washington, D.C. E-mail Stephanie. 





- by BenjaminWright December 18, 2008 9:01 AM PST
- Maybe patients can bolster privacy by inserting legal terms of access (like an end-user license agreement) into the content of their electronic medical records. The terms could set binding rules for who may view data and when. The idea is not legal advice, just something to think about. --Ben http://hack-igations.blogspot.com/2008/02/contracts-for-patient-privacy.html
- Like this Reply to this comment
-
(4 Comments)