The rush to finalize standards and accelerate EMR adoption may unnecessarily put patient confidentiality at risk, says well-known privacy advocate Dr. Deborah Peel.
The federal Health Information Technology Standards Committee's Privacy and Security Workgroup last week recommended industry adoption of 37 technical standards for EMRs in three phases, starting in 2011. But the fact that the workgroup determined that consent management standards-allowing patients alone to dictate who gets to see their personal medical information-probably won't be ready for implementation until 2015 has set off alarm bells with Peel's Coalition for Patient Privacy.
"The one thing that means the most to consumers is going to be delayed for five or six years," Peel tells Federal Computer Week. "This is a stunning defeat for consumer protection." Peel also accuses vendors and other health IT industry insiders of dragging their feet because they really are not interested in losing control of this highly valuable data.
Workgroup co-chair Steven Findlay, senior health policy analyst at Consumers Union, disputes this contention, saying that consumers care more about encryption and strong access controls than consent management. "The data will be encrypted and not set for easy access," he says. Findlay also asserts that EMRs will incorporate consent management once the technology matures a bit. "The standards do not currently exist to do the complexity of consent management that we would like to see," he says.
To read about these conflicting points of view:
- check out this Federal Computer Week piece