Emily Millner
As New York Builds Its Health Information Exchange, New And Complex Privacy Issues Arise.
The move towards implementation of health information exchange (HIE) introduces new concerns regarding patient privacy. New York State is building a health information exchange that uploads the entire history of a patient’s medical records to a centralized network. The New York eHealth Collaborative together with the New York State Department of Health have established the Statewide Health Information Network of New York Policy Committee.
The committee’s primary task will be to create and update policies that protect personal health information while expanding the state’s ability to share electronic health records between healthcare providers as well as consumers and other health-related community organizations. The committee was established after The New York Civil Liberties Union issued a report criticizing New York State’s current privacy and security policies and procedures governing computer networks that share electronic medical records.
The committee aims to make health information both accessible and secure. One area of concern, which the committee hopes to address, is the technological infrastructure of the state’s HEI, which has been described as “an all or nothing” approach. Once a patient gives the provider consent to access his or her medical records, the provider can see everything about the patient that was ever entered into the network, regardless of whether the information is relevant to the current treatment. The committee hopes to implement a policy requiring HIEs to have the capacity to sort and segregate information so that both patients and providers have the ability to restrict access to certain portions of a medical record.
The committee works with stakeholders form across the state and from a wide variety of interest groups to develop common policies, procedures and technical approaches through an open and transparent process. The committee will continue to work towards developing a system that strikes the proper balance between accessibility and security of health information.
http://www.informationweek.com/news/healthcare/security-privacy/232800368
OR