Julie Chang reported on a recent Texas Tribune interview with David Blumenthal, the national coordinator of Health Information Technology. Here’s the section dealing with privacy issues, and it follows on the heels of some great reporting by the Austin Bulldog, covered previously on this blog, that revealed how a lot of patient data is being sold for “research” purposes:
TT: The issue of privacy has been a hotbed of concern. There have been reports, even here in Texas, of patient electronic records being sold to research companies. How do you respond to concerns that electronic records will only increase the risk of violating patient privacy?
Blumenthal: Well, they shouldn’t be sold if people don’t give consent. We’re committed to having patients control the uses of their health data. Their consent is going to be vital.
Okay, stop right there. Isn’t that what some of us have been saying should be the requirement — consent — and not just “consent” but “informed consent?” And for our advocacy, we’ve been called privacy alarmists or just viewed as the enemy of progress.
TT: Whose responsibility is it to ensure that patient privacy is protected?
Blumenthal: It’s a collective responsibility. We, in the federal government, give our best judgment about what the preferred approach is to getting patient consent. I think we also need to enforce the existing laws that penalize people who don’t carefully guard patient information, and there are substantial penalties available. States have a responsibility because they have a lot of freedom to set local laws to make sure that they involve the public in creating those statutes and those regulations. Doctors and hospitals have to understand what patients want and need from them in the way of privacy in the electronic world.