Has IT made patient privacy a thing of the past?
(page 3 of 3)
Epic’s interoperability system, known as Care Everywhere, transmits about 1 million patient records a month from one health system to another across the U.S. “Our experience is that approximately 1% of the patients opt out of sharing their information,” Faulkner noted. “These people can then rely on old-fashioned paper-based transmission, or they can work with their doctor to create a sharable summary that’s acceptable to both.”
As far as selling patient records, Faulkner says Epic absolutely does not engage in this practice.
What’s a consumer to do?
Besides HIPAA, there are only two other laws that provide a measure of consumer protection: Banks are required to safeguard depositor accounts under the Gramm-Leach-Bliley Act, and credit card holders have some measure of protection through the Payment Card Industry (PIC) regulations. However, they are not foolproof, as law enforcement entities can gain access to your financial information when conducting a crime investigation, and the credit bureau system has access to financial records for the purpose of evaluating creditworthiness.
“Even though these laws are in place, there are other countervailing laws that allow the government, for example, to be able to get these records if they can show they have probable cause,” said Melinda Giftos, an attorney with Whyte Hirschboeck Dudek. “They’re going to be able to pull that information even though there is a law that says it’s supposed to be confidential. These laws are not ironclad.”
Banks are routinely audited on their security policies and capabilities by the state Department of Financial Institutions and federal agencies like the Federal Deposit Insurance Corp. and the Federal Reserve. Banks also hire private companies to conduct penetration tests to evaluate the strength of firewalls and other protections.
“There is an element here that is extremely crucial, and that is reputational risk,” says Jim Tubbs, president and CEO of the State Bank of Cross Plains. “Certainly if there is an element of our customer base that was breached, the critical reputational risk, which is extremely difficult to measure, is something that’s extremely important to me as well as to my management team.”
Consumers might soon have a variety of software applications to protect personal consumer information, according to William Merrick, marketing coordinator for SOLOMO Technology in Madison. The move to put consumers in control of information collected about them is driven in part by concern that the NSA revelations could severely affect the growth of online retail. The World Economic Forum estimates that lack of trust in how personal data is used could erode online retail sales by as much as $1 billion by 2016.
Merrick said companies like SOLOMO are working to develop digital identity platforms that enable consumers to decide what personal data to share, and SOLOMO is taking it one step further by providing consumers the option of revoking an opt-in. He says consumers will eventually win this battle with “big data” companies, which he claims are indifferent, even hostile, to the concept.
“Once these platforms become better understood, I think some really exciting technologies are going to come,” Merrick predicted, “and it’s going to relieve a lot of tension in the digital commerce ecosystem.”
Giftos noted that not every government agency appears to be working against consumers. She said the Obama administration has issued a Consumer Bill of Rights, urging more transparency by companies that are gathering consumer information. In addition, the Federal Trade Commission has been pushing the business community to self-regulate by putting in place stronger mechanisms to educate consumers about the type of information being tracked and stored about them.
“They are trying to push so that companies are being more transparent about what they’re doing, which is interesting to me because if you look at that sector, it’s just the opposite of the example with the NSA,” Giftos said. “It’s kind of interesting to see the two different arenas play out.”
Click here to sign up for the free IB ezine – your twice-weekly resource for local business news, analysis, voices, and the names you need to know. If you are not already a subscriber to In Business magazine, be sure to sign up for our monthly print edition here.