Privacy fears slow health IT push

Until we settle on a unique identifier for all personal databases privacy is unachievable.

CORRECTION: Deborah Peel insists she has always supported health reform.

Fears about the leakage of private health data have kept health an IT backwater since the HIPAA law went into effect.

Why a system where you can't find records and have to re-enter them each time you see a new doctor is considered safer than an automated system remains beyond me. But that's what many doctors believe.

They're acting as data hoarders, no different in their way from kids who download songs from BitTorrent because they fear losing access to them. But the Man wants to put the kids in jail. He coddles the doctor.

Today rules for the Nationwide Health Information Network (NHIN) are being held up by a dispute over whether day-to-day governance will be done through private groups or government rules, said National Coordinator for Health IT David Blumenthal (below).

Questions about implementing privacy and security are delaying recommendations from a Tiger Team tasked with advising the government policy committee which is creating the meaningful use rules.

At the same time activists like Dr. Deborah Peel (above) hover around the media, claiming that EHRs are all "designed for backdoor data mining," deliberately confusing the use of anonymous data in studies with the seizure of individual records by employers or insurers.

Turning records into numbers is the best way of finding out what works in medicine. That's not a privacy violation. Getting fired because your employer found you were seeing a shrink on your own dime is a privacy violation, but that's what EHR systems are designed to prevent, not enable.

Dr. Peel opposes health reform, but rReform is the answer to the problem. Only by eliminating the incentive employers and insurers have to peek at records, by having everyone pay equivalently into a common pool, can we gain a measure of medical privacy.

This is not to say that privacy and security are unimportant. They are. But we have a lot more to fear from insiders putting a few gigabytes of data onto a USB stick and selling that stick to an identity theft ring than from what's in the medical records.

Medical records are financial records first.

The answer to that question lies in secure identity, in better keys that keep both our financial and health records safely under our control. Until this key is in our hand, until we settle on a unique identifier for all personal databases, then privacy is unachievable. We'll be going around-and-around until 2020 looks like 1999 does now.