Skip to main content.
The Congressman | Newsroom | Issues | Appropriations | Constituent Services | Rhode Island | Washington, DC | 21st Century Health Care Caucus | Newsletters
Home | Privacy Policy | Welcome Message
In Newsroom:
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
- August 2005
- July 2005
- June 2005
- May 2005
- April 2005
- March 2005
- February 2005
- January 2005
- December 2004
- November 2004
- October 2004
- September 2004
- August 2004
- July 2004
- Press Archive
- Speeches
- Editorials

Ensure Privacy to Maximize Benefits of Health Care IT

Providence Business News
3/27/2006
By Congressman Patrick J. Kennedy

Annual health care cost hikes are like first round upsets in the NCAA tournament. We might not know exactly what they will be, but we know they’re coming. 

In Rhode Island and in Washington, however, we finally have a real opportunity to reduce the relentless march of health care costs while also getting dramatically better outcomes. The key is bringing health care into the information age. Using Information Technology, we can transform health care to get dramatically better value for our health care dollar. But to realize I.T.’s potential, we also need to ensure that health care privacy is rock-solid.

The need for an I.T. revolution in health care is clear. The health care system failures are evident in the 98,000 annual deaths from preventable errors; the hundreds of thousands of preventable hospital-acquired infections; the fact that 45 percent of the time patients do not receive recommended care; a child mortality rate worse than Cuba’s and, for African-American babies, worse than Sri Lanka’s; and, of course, the fact that for these outcomes we pay nearly double the average for industrialized nations.

Underlying these dismal statistics is an inability to effectively process the massive quantities of information that drive health care. As any business leader knows, you can’t improve what you can’t measure. Electronic medical records can unlock the data currently trapped in paper records and ensure that physicians and nurses have the information they need at the point of care. Rhode Island is fortunate to be ahead of the national curve, developing a statewide initiative under the leadership of the Rhode Island Quality Institute. I’ve pushed for federal legislation to support these and similar efforts.

But simplifying access to information is a double-edged sword. We have seen from numerous data security breaches in a variety of fields that large quantities of individually identifiable information pose a tempting target. As we speed the transition to digital health care, we simultaneously must ensure that privacy protections in this new environment are iron-clad. 

The good news is that a digital health care system can enhance patient privacy while allowing us to dramatically improve care.

Today it is nearly impossible to restrict access to patient charts. As a result, they can be perused or even photocopied without anybody knowing. But electronic medical records can build in audit trails, so that every access to a chart is recorded. Electronic records can limit a user’s access to only that information within the record that is pertinent to the user. The creation of personal health records gives patients a way to control dissemination of their information and I.T. reduces the number of individuals who need to handle sensitive demographic and clinical information.

To ensure that I.T. enhances rather than detracts from patient privacy, however, we must update our privacy laws. For example, today a hacker who breaks into a clinical database has not violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA). A hospital employee who sells the health record of a celebrity to a tabloid is not subject to criminal sanctions. Operators of health information networks and personal health record vendors are not subject to enforcement under HIPAA.

If a concept of health care privacy means anything, it is that individuals should decide who sees their own health information and for what purposes.

Our laws should therefore give individuals the ability to opt out of including their information in the emerging health information networks. We should require that access to a person’s comprehensive, identifiable information via Rhode Island’s developing health information network occurs only when that person has authorized it, expressly or by actions such as submitting a health insurance card or accepting a prescription or referral. And of course, we must ensure that our laws have adequate reach to bring criminal sanctions when an individual’s right to health care privacy is breached.

I am working to strengthen federal law, but Rhode Island should not wait. Federal law is merely a floor, and Rhode Island law can and should be stronger. Moreover, many of these steps can be established by agreement of the parties creating the state’s health information network.

The great potential of bringing I.T. to health care lies in organizing and enhancing the flow of information. But better access to information requires better control of that access. By promoting the move to networked electronic medical records together with updated privacy laws, we can write a real Cinderella story line for Rhode Island businesses and families. 

Patrick Kennedy is a member of the House Appropriations Subcommittee on Labor, Health and Human Services, and Education, the founder and co-chairman of the House 21st Century Health Care Caucus, and the co-author of the 21st Century Health Information Act (H.R. 2234).

 


 
 
 
Enter your email address to receive the Kennedy Newsletter.
Subscribe
Click here to search
Search
Click here to search
Full Site
This Section

Search Tips
divider