Patient privacy safeguards are woefully missing from initial draft criteria for Stages 2 and 3 of meaningful use, according to Deborah Peel, M.D., founder of the Patient Privacy Rights organization.
"Like the criteria for Stage 1, the criteria for Meaningful Use Stage 2 and 3 are missing the key elements Americans expect from electronic systems: the ability to control who can see and use personal health information and the ability to segment information so they can selectively share information," Peel said in a comment letter to the Office of the National Coordinator. "Segmentation is essential to protect sensitive information, but also is absolutely critical for patient safety, so that erroneous health information can be kept from disclosure."
Peel reminded ONC that recent recommendations of the Federal Trade Commission and the President's Council of Advisors on Science and Technology call for much more stringent privacy protections and consumer control over their data than the HIT Policy Committee's Privacy and Security Tiger Team, which is working on future meaningful use criteria. The team "has failed to make any recommendations about privacy and security for MU Stage 2," according to Patient Privacy Rights' comment letter. "Clearly, it is disappointing to see the HIT Policy Committee ignore key measures the public expects once again."
Patient Privacy Rights recommends that federal regulations that presently require patient consent before addiction treatment records or psychotherapy notes are disclosed, or before sensitive information is disclosed from the military health system to outside providers, be extended to include all protected health information.
"The MU Stage 2 criteria must enable each individual to selectively share parts of their health information ONLY with the people they choose and prevent those they do not want to see their data from having access (with rare exceptions under the law)," according to the comment letter. "The public expects their legal and ethical rights to be built into health IT systems and data exchanges now."
Patient Privacy Rights’ comment letter is available here.
Register or login for access to this item and much more
All Health Data Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access