CDT today released a major policy paper intended to move the health privacy debate from its outdated focus on patient consent to a comprehensive framework that will provide more effective privacy protection. CDT is advocating for the inclusion of privacy protections in the President’s economic stimulus bill, which contains at least $20 billion for a national health information technology network. CDT’s paper argues that personal health information should easily flow for treatment, payment, and certain core administrative tasks without requiring patient consent, but that stricter limits need to be placed on marketing and other secondary uses. January 26, 2009
Consent Paper Press Release, January 26, 2009:
http://cdt.org/press/20090126press.php
CDT Consent Paper [PDF], January 26, 2009:
http://www.cdt.org/healthprivacy/200910126Consent.pdf
Comment: I have only skimmed the paper and will read it more fully later, but it seems that this paper by the CDT is a response to PatientPrivacyRights.org’s repeated urging for consent for each and every disclosure. I tend to agree with CDT that consent for every disclosure is not necessary, but there must be more consent involved in non-essential disclosures that were loosely permitted under the umbrella of “operations.” That said, there are some issues relating to consent to disclose for treatment as a broad consent that consumers need to be aware of so that they can make informed decisions. For example, if psychotherapy notes are disclosed and become part of a patient’s medical record with another provider, those notes would have less protection than they would otherwise have, etc. But more on this when I’ve had time to review CDT’s paper in depth.