John Timmer writes in Ars Technica:
The US government has now adopted a policy of fostering the adoption of electronic medical records (EMR). The policy is intended to increase the efficiency of the US healthcare system, thereby lowering costs and reducing the incidence of preventable errors. At the same time, through its The Health Insurance Portability and Accountability Act (HIPAA) privacy rules, the government has set minimum standards for the security of those records. These two goals—privacy and security of these records, along with their free interchange among medical providers—can easily wind up at odds with each other. A recent study that looked at the role of state privacy laws in EMR adoption suggests that the problem is very real, as state privacy laws seem to inhibit the use of EMR by hospitals located there.
The study he is discussing is:
Miller, Amalia R. and Tucker, Catherine: Privacy Protection and Technology Diffusion: The Case of Electronic Medical Records (February 5, 2008). NET Institute Working Paper No. 07-16. Available at SSRN: http://ssrn.com/abstract=960233 and is available in free full-text form for download.
Interesting! Can federal law override the state law in this case? or is it patient who utimately decide what he want ?
I think states have the right to impose more protections for their residents than the floor protections set by the federal government. The question you pose is really, “Can the federal government strip states of their right to impose higher standards in service of a national agenda or policy?”
I’d like to say that they can’t, but we’ve already seen the 110th Congress strip the citizenry of what some of us believe were our rights with respect to warrantless wiretapping.
Any constitutional lawyers around who can answer Andy’s excellent question?
Hi dissent there has been many problem almost everywhere, where EMR is used in abundance. The system got hacked, are there any companies which are giving protection software to run the system.
I don’t think that adequate security is simply a matter of having the right software. There’s much more to it than that. Are there companies that advertise software that might help? Sure, but no software app is up to the challenge of employees who don’t adhere to policy or who take data home with them, etc. etc.