As electronic data-sharing becomes more common in healthcare, the potential grows not just for hacking, but for errors that compromise patient safety and privacy.
For instance, in one case highlighted in a report from Bloomberg, a mother's prescriptions became known to her daughter through an insurance database mixup. The mother had not told her daughter about the prescriptions, and it created a difficult conversation between the two about the mother's health.
In a complaint to the Department of Health and Human Services (HHS), the mother argued that her privacy had been violated. But because the insurance subcontractors did not reveal the mother's prescriptions to the daughter--she figured it out on her own--HHS's Office for Civil Rights found no wrongdoing, according to Bloomberg.
In addition, now that the Affordable Care Act has promoted digital records and data-sharing, patient data can bounce around among companies through billing and other processes, creating security and privacy risks.
The collection of patient data in huge databases used without patient consent has been one of the issues concerning patient privacy advocate Deborah Peel. She and Carmen Balber, executive director of Consumer Watchdog, previously raised the issue with California health information exchange organization Cal INDEX, calling the Cal INDEX's database "one stop shopping for hackers" and saying that patients' records are at risk without their consent.
In expressing concerns about the proposed 21st Century Cures Act, Peel also said "there is no 'chain of custody' for our health data. It's impossible to know where in the world it is or how it's being used."
To learn more:
- read the article