Privacy surfaced yesterday as the most troublesome issue for legislators trying to craft a federal law to promote health information technology.
Almost everyone who spoke at a hearing of the House Energy and Commerce Committee’s Health Subcommittee expressed concerns about protecting the privacy of patients’ information. But they had different views of how to ensure the confidentiality of the records.
The hearing also revealed divisions on anti-kickback proposals and other elements of pending legislation.
It was the first hearing on the Health IT Promotion Act of 2005, which Rep. Nancy Johnson (R-Conn.) introduced last October. The subcommittee’s chairman, Rep. Nathan Deal (R-Ga.), is a co-sponsor of the bill.
In his introductory remarks, Deal urged his colleagues to be cautious of sweeping legislative proposals that might interfere with the natural progress of health IT in the marketplace. Deal called for strong but practical privacy protections.
“There must be adequate protections for patient privacy,” said Rep. Sherrod Brown (D-Ohio), the subcommittee’s ranking Democrat. “We’ve all read the stories about stolen bank records in the last few months. Imagine if they were stolen medical records.”
Rep. Henry Waxman (D-Calif.) said he was concerned that existing privacy protections under the Health Insurance Portability and Accountability Act (HIPAA) of 1996 do not apply to many of the people with access to health records.
Johnson and Deal’s bill would establish federal privacy protections that could override the patchwork of state privacy laws. Many of those laws are more stringent than HIPAA and other federal privacy rules, and rules in one state often conflict with those in a neighboring state.
The override provision drew praise from Don Detmer, president of the American Medical Informatics Association; Alan Mertz, president of the American Clinical Laboratory Association; and others. “Personally, I don’t see how we can get to the common standards and interoperability that underlie the widespread adoption of electronic health records without federal pre-emption of conflicting state laws,” Detmer said.
But strong criticism came from Bill Vaughan, senior policy analyst at the Consumers Union, and James Pyles, a lawyer representing the American Psychoanalytic Association. They said HIPAA protections are inadequate and state laws often provide necessary privacy protection.
“Health IT creates the potential for breaches of health information privacy on a scale previously unimaginable,” Pyles said. “Once health information is disclosed electronically, it cannot be recovered.”
Deal said he plans to continue the hearing this spring with witnesses from the federal government.
From the battlefield to the home front: Managing medical data
Government Health IT presents Col. Claude Hines Jr., program manager for the Defense Health Information Management System, in this recent InSight eSeminar. Col. Hines discusses the health information technology and tactical challenges faced by the military medical community in Iraq, Afghanistan and other areas of conflict. In doing so, he describes the current information technology solutions for transferring clinical data between battlefield care givers to health care personnel at military treatment facilities worldwide.
