Patients should control their records. It’s easy to change a credit card or phone number, but biometric indicators and identifying traits are permanent. intersection
To safeguard against identity theft, discrimination and preserve individual privacy, patient records must be secure. Security measures should not come at the detriment of usability. If a patient and their doctor have difficulty accessing electronic health records, the patient’s care will suffer.
This March, the Office of the National Coordinator for Health Information Technology released the final rule required by the Cures Act. This rule eliminates information-blocking and calls for developing standardized application programming interfaces that allow patients to seamlessly access their electronic health information. These APIs are required to adhere to the same security protocols that banking apps utilize.
In many ways, COVID-19 has exemplified why EHR interoperability and the modernization of our public health data infrastructure are essential. The flow of data between clinical care and public health systems often relies on dated technology, such as paper submissions and faxes, and individuals are stuck in the middle navigating paper, emails, phone calls and patient portals. Our antiquated processes slow the tracking of the invisible enemy we know face, COVID-19.
Digitizing information introduces unique vulnerabilities. Information may be stored in perpetuity and transferred virtually anywhere. As a result, nefarious actors work to uncover this information and use it against patients, doctors or healthcare organizations. In recent years, the market for stolen personal information has grown. This demand is exacerbated by COVID-19 and the lack of preparation for the flood of COVID-19-related cyberattacks.
While we cannot legislate away cybercriminals, we can reduce their ability to steal personal information by passing a federal privacy law and offering incentives for stronger cybersecurity. HIPAA governs healthcare information and must be applied in conjunction with a single national privacy standard.
Technological advances transcend sector-specific prescriptions to provide greater benefits for patients and providers. Now is the time to debate and enact privacy and security standards.
Negotiations for a federal privacy law are ongoing. Just like everything else, COVID-19 has slowed down these discussions. Congress must get back to the negotiating table to do the job for which we were elected. If healthcare professionals can go to work each day under difficult circumstances, Congress can come together to write the laws that protect them and their patients.
intersection intersection intersection