1601 N. Tucson Blvd. Suite 9
Tucson, AZ 85716-3450
Phone: (800) 635-1196
Hotline: (800) 419-4777
Association of American Physicians and Surgeons, Inc.
A Voice for Private Physicians Since 1943
Omnia pro aegroto

2/24/2006

ACTION NEEDED!

 

 

Congress could vote soon to pass H.R. 4157, deceptively titled the “Health Information Technology Promotion Act.”  A somewhat different Senate version, S. 1418 (“Wired for Health Care” has already passed, lead by sponsors Ted Kennedy and Hillary Clinton.

 

The bill purports to promote an interoperable health information technology system, with a promise of systems that can “talk” to each so that medical records can be easily shared, resulting in better patient care and cost savings.

 

 

Speeding on the Information Superhighway Could Result in Medical Pile Up

 

 

Sounds good, right?  But the problem lies in what has to be done to get to that point, and our concern is that medical privacy with be the first casualty.  (See article below about electronic medical records stolen from University of Texas.  This not an isolated case – read   Electronic Medical Records a Bonanza for Thieves.)  We need to tell Congress to slow down.

 

Here are the problems with this bill:

 

1.  Overrules state laws

It allows the federal government to overrule any existing or future state privacy laws if they might interfere with the establishment of this national interoperable system;

 

2.  Expands power of HHS Secretary

Give power to only one person – the HHS Secretary – to decide what state laws are in the way of the new system.

 

3.  No guarantee of patient consent: 

There is no requirement that any standards established by the federal government include patient consent for disclosure of medical records;

 

4.  Concentrates power in one non-elected official

The bill grants massive powers to one individual, the National Coordinator for Information Technology, to be appointed by the President. He would oversee development of the national technology system, and will have authority to contract with private companies to do so. 

 

5. Potential conflicts-of-interest

The potential for rampant conflicts-of-interest are enormous, as the electronic medical records business has become a multi-billion dollar industry.  The same companies that GATHER the information make money by SELLING it.

 

This bill establishes a permanent committee of appointed industry representatives. We are likely to end up with the same dilemma we have with vaccine policy:  those who stand to benefit financially are those who get to make the policy recommendations.

 

 

Tell Congress to Protect Your Privacy & Kill H.R. 4157

 

 

The impact on patient privacy could be devastating.  Since HIPAA, which eliminated patient consent for disclosure of medical records, went into effect, the only true protection available to patients has been state laws that set a higher standard than the federal law.  But if this bill passes, these tougher state laws could be sacrificed in the name of efficiency.

                                                                                                                     

Many of you support the use of technology for medical records.  But plain and simple, here is the problem as stated so well by a former director of information systems for CMS:

 

You can build an information system to SHARE information, or you can build an information system to PROTECT & STORE information.  But you cannot have one system do both.  And even those (such as the Pentagon’s) designed to protect information have been compromised.

 

Until we solve that dilemma, a secure system is impossible, and your medical records are at risk.

 

Congressional switchboard:  (202) 224-3121

 

WRITE YOUR REPRESENTATIVE

READ AAPS LETTER TO CONGRESS

READ “Electronic Medical Records a Bonanza for Thieves”

------------------------------------------------------------------------------------------------------------------------
Feb. 22, 2006, 10:31PM

Stolen laptop puts patients' info at risk

Computer holds insurance claims of 4,000 treated at M.D. Anderson

By TODD ACKERMAN and SALATHEIA BRYANT
Copyright 2006 Houston Chronicle

HoustonChronicle.com -- http://www.HoustonChronicle.com | Section: Houston & Texas

 

The private health information and Social Security numbers of nearly 4,000 patients of the University of Texas M.D. Anderson Cancer Center are at risk after a laptop containing their insurance claims was stolen.

Patients and patients' families were notified this month of the theft, which occurred in November at the Atlanta home of an employee of PricewaterhouseCoopers, an accounting firm reviewing the patient claims. Those notified were advised to monitor their credit.

"The laptop that was stolen does have sophisticated encryption software, so it will be very difficult for someone to access patient information," Carrie Lyons, M.D. Anderson's chief privacy officer, wrote in a Jan. 30 letter. "Even though it will be difficult for someone to access patient information, we feel you should be informed of this incident."

Lyons said that because the laptop was stolen along with other valuables, investigators think it's unlikely it was taken to obtain the patient information. The matter is being investigated by Atlanta police.

Calls to PricewaterhouseCoopers were not returned.

Information contained in the laptop included patients' names, policy numbers, Social Security numbers, dates of birth, ZIP codes, medical procedures and dates of service.

Lyons said M.D. Anderson has received about 60 phone calls from patients concerned after receiving her letter.

She said none has reported learning his information was accessed.

"Businesses need to realize they have an obligation to protect information to see that it doesn't fall into the wrong hands because when it does it's a problem," said Tom Carter, senior attorney in the Dallas-based Southwest Regional office of the Federal Trade Commission. "That information is only as safe as they keep it."

Patients and their families should get copies of their credit report, Carter said, adding, "if some company is concerned enough to give me notice, I'm going to spend time checking it out."

Harris County Assistant District Attorney John Brewer, who works in the identity-theft division, said it's unlikely that common thieves have high-tech encryption-breaking devices. But he said that should not give people a false sense of security.

"Your personal information is so out there that encryption is the least of your problems," Brewer said. "It's all the other places it is that you need to worry about if you want to worry. No place is safe. Anybody who has good credit is a likely victim."

[email protected]

 [email protected]



HoustonChronicle.com -- http://www.HoustonChronicle.com | Section: Houston & Texas
This article is: http://www.chron.com/disp/story.mpl/headline/metro/3679070.html

 

 

.