Flawed health IT en­gi­neer­ing puts our health data at risk

Modern Healthcare - - COMMENT -

Re­gard­ing the re­cent ar­ti­cle “80% of health IT lead­ers say their sys­tems have been com­pro­mised” (ModernHealthcare.com, Aug. 26), the cur­rent U.S. health in­for­ma­tion tech­nol­ogy sys­tem is en­gi­neered to guar­an­tee that health data breaches will oc­cur for­ever.

Our sys­tems en­able mil­lions of “weak links” (peo­ple and au­to­mated tech­nol­ogy ser­vices) to ac­cess mil­lions of pa­tients’ records ev­ery day. There are no lim­its on data col­lec­tion or who can ac­cess the en­tire na­tion’s most sen­si­tive per­sonal health in­for­ma­tion. Data se­cu­rity is weak, and there’s a huge hid­den data bro­ker in­dus­try, with no ac­count­abil­ity or trans­parency to gov­ern­ments or in­di­vid­u­als (whose per­sonal health in­for­ma­tion is now held in mil­lions of data­bases, un­known and in­ac­ces­si­ble to the pa­tients).

Mil­lions of em­ploy­ees of cov­ered en­ti­ties, busi­ness as­so­ci­ates and sub­con­trac­tors ac­cess, use, dis­close, trade and sell the na­tion’s per­sonal health in­for­ma­tion to some 100,000 health-data sup­pli­ers cov­er­ing three-quar­ters of a mil­lion daily health-data feeds. With­out a “cul­ture” of pro- tect­ing data se­cu­rity, data hold­ers are not re­quired to use gold-stan­dard data se­cu­rity tech­nol­ogy or ob­tain ex­ter­nal au­dits prov­ing they meet tough data-se­cu­rity stan­dards. There also isn’t a data map that tracks all flows of our health data, so with­out con­trol over per­sonal health in­for­ma­tion, we need a “chain of cus­tody.”

Dr. Deb­o­rah Peel Founder Pa­tient Pri­vacy Rights Foun­da­tion Austin, Texas

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.