John D. Penn, a partner in corporate law firm Haynes & Boone, has a commentary in the Fort Worth Business Press. He argues that:
Creating one set of national health records for everyone (enacted in the 2009 economic stimulus law) and requiring all healthcare providers to be substantial users is an irreversible step toward nationalized healthcare. This step effectively ordained that a single-payer system is in our future. No one argued that creating the records meant a nationalized system was on the way, but there is little doubt that centralized records will have that effect.
[…]
If you think the nationalized medical records will really be private and fully protected, how many government computers are hacked? How long will it be before those records are hacked? If your records can follow you wherever you go in the country, those records can be accessed from anywhere in the country by anyone with access to medical records.
[…]
Groups that support the “right to privacy†normally insist on search warrants and other extraordinary actions before private records are turned over to the government. They were large and loud in their protests against “warrantless wiretaps†of foreign telephone calls a few short years ago.
It is odd that groups who champion the “right about privacy†have been silent about the government takeover of medical records. What’s really quite incredible is that those groups’ supporters in Congress fell all over themselves voting to require everyone to give all of those records to the government. Since when did the need for an “economic stimulus†outweigh everyone’s right to privacy?
Speaking only for myself, of course, I can only wonder what John has been reading, as patient privacy advocates have been loud and clear about privacy and security concerns raised by a move to electronic records. But the issues of security and access control that John raises are the same when our health information is in private sector or non-profit hands. Does he really think that having our prescription records shared and sold as they have been is really preferable from a privacy standpoint to having them in the hands of the federal government?
And his attempts to spread fear about federal databases being hacked is partly misplaced. Yes, the government has had some large data breaches, but when was the last time you read about a security breach involving Medicare beneficiaries’ prescription records? I can’t recall seeing any breaches like that, but I clearly recall reading large breaches totalling tens of millions of pharmacy records held by WellPoint, Express Scripts, and the Virginia Prescription Database. I also recall large settlements between pharmacy chains such as CVS and Walgreens and states attorney general over the improper disposal of paper prescription records. So the problems are both paper and electronic, public, and private, and spreading FUD about a single-payor system does not focus our attention on the compelling security and privacy issues that persist in all sectors.
The issues concerning the privacy and security of electronic health records are serious and real. The issues about the sensitivity of mental health records are also serious and real. But claims about electronic records inevitably leading to nationalized health care just muddy the waters. I think that the issues are, and should be, treated as different issues and that we should focus on the issue of how do we protect the privacy and security of electronic PHI records regardless of whether they are in a federal database or a non-governmental database.