At a joint hearing of two New York City Council committees (on Tuesday), the New York Civil Liberties Union raised serious privacy concerns related to New York State’s ongoing transition to electronic medical records.
“Sharing health information among health care providers will likely benefit patients greatly, but to recognize this benefit we need to take steps to protect the right of New Yorkers to keep their most personal information private,” said NYCLU Executive Director Donna Lieberman. “Without commonsense privacy protections, easily shareable electronic records can create threats to patient privacy, including making patients’ most personal and confidential information susceptible to inadvertent disclosure and misuse.”
Electronic networks operated by regional health information organizations already allow health-care providers to share patient information among participating providers within those regions. Eventually, these regional networks will be linked by the New York State Health Information Network, which will allow health-care providers throughout the state to easily access patients’ medical records.
Testifying before the Technology Committee and the Health Committee, NYCLU Senior Public Policy Counsel Corinne Carey warned that, despite the network’s potential benefits to patient care, there are serious gaps in the privacy protections currently in place.
“Patients have little control over confidential and sensitive health information once it is entered into an electronic network,” Carey said. “If patients don’t trust the network, they will not use it, and there may be significant public backlash, as we’ve seen with periodic uproar over the level of privacy protection guaranteed by Facebook.”
Carey discussed three major concerns: (1) patient consent is not required for entering individual medical information into the network; (2) the state has adopted an “all-or-nothing” approach to sharing health information that gives everyone who accesses a patient’s electronic record all of that patient’s medical information, regardless of the need; and (3) the state has not engaged in sufficient public education about the network.
The state’s current policies require patient consent only when a provider wants to download a patient’s medical records from the network. In emergency situations, state policy allows providers to access a patient’s medical records without the patient’s knowledge or consent. Patients should have a choice about whether they want their medical information to be linked to an electronic network that allows for easy sharing before it happens, the NYCLU testified, not simply when a provider wants to access that information.
Patients also should be able to choose what health information is shared and with which providers, including sensitive information such as history of substance abuse treatment, mental health conditions, abortion and other reproductive health care. Otherwise, the patients who most need help may refuse to participate for fear of negative consequences such as discrimination both within and outside of the medical system.
“There has been an astonishing lack of communication with the public about the development of health information networks,” Carey said. “Informed consent is a critical concept in health care. Patients can’t give consent that is truly informed unless they understand the risks and benefits before making the decision to participate. The state must initiate a public outreach and educational campaign about the network that is more than simply a promotional tool.”
To read the NYCLU’s full testimony, visit www.nyclu.org/files/releases/e-health_Testimony_12-6.10.pdf.
Source: NYCLU