HOW LONG BEFORE WE ACCEPT INEVITABILITY OF PERSONAL HEALTH RECORDS DATABASES?

The jury is still out but the heat is still on to collect and computerize our personal health records (PHRs). One opinion has it that benefits will “eclipse” privacy concerns. And with certain reservations, I agree. As staunch as I am for individual rights to control our names and private information, if you are in the hospital emergency room with a family member, you want them to receive the best possible care, and most agree that can happen only if the caregivers know the patient’s personal health history.

Jay Cline’s opinion piece in Computerworld, “Benefits of personal health records will eclipse privacy concerns,” makes a good case, concluding that the debate will be over in five years, but many privacy advocates who actually anticipate the inevitability, still want to see better control. Over both the PHR providers and by the individual concerned. Cline says there will be six prevailing stipulations of this kind of database.

• A single repository combing multiple sources.
• Simplified, easily searchable files.
• Doctor’s trust
• Understandable to the patient.
• Patient can add and flag incorrect information
• Patient controls who sees what

But when he gets to what will be included in the database, he makes the statement that, “The sky is really the limit…” And to me that is really scary, because that is how the junk mail companies like ChoicePoint, Experian, Acxiom, Equifax, TransUnion and other data brokers started years ago. With your name and address, and a few other items like age, income, education and occupation. That eventually expanded into what we read, drink and smoke, and whether or not we gamble. Who we vote for, what our religion is, our surfing habits online, the charities we favor, how we invest, and of course the precursor to today’s subject, what ailments we have and what medications we take. Yes, it’s all out there and for sale.

Promised data to the PHRs contains the following: prescriptions; drug allergies; immunizations; illnesses and hospitalizations; test and clinical records; living wills and other info you can see by going to the Computerworld article in the above link. I did a series of five posts you might want to refer to on this issue: “Medical Identity Theft Also Needs Your Attention…And Now.” It provides the background on what can happen when the bad guys steal your medical identity, and why it is so important for this private information to be protected.

In another of my posts, “Warning Out on Health Data Storage Sites,” there is a report issued by the World Privacy Forum in February of 2008 about the hazards of giving up your personal health records. The catch, according to the WPF, is that most of these companies are not subject to federal regulations relating to consumer privacy and security. It is for that very reason that I feel the right solution is only one database—as Cline specifies—operated by a non-commercial entity, with its own set of privacy rules backed by federal enforcement.

Next post: How the U.S. must take its privacy guidelines, even in healthcare, from the European Union.