Friday, July 2, 2010

Health IT After HITECH

On Wednesday, June 23, 2010 the Center for Democracy and Technology held a panel discussion on health information privacy at the San Francisco office of the law firm of Manatt, Phelps & Phillips, LLP. According to Deven McGraw, the Director of the Health Privacy Project at CDT, the lack of a clear health privacy policy framework on innovation was one topic covered. The video is below and then there are slides from Cal OHIII on secondary uses data flow by entity type:
The panel combined both California and national health IT expertise and featured Jonah Frolich, California Deputy Secretary for Health Information Technology; Alex Kam, Acting Director of the California Office of Health Information Integrity (OHIII); David Lansky, President and CEO of the Pacific Business Group on Health; John Mattison, M.D., Chief Medical Information Officer of Kaiser Permanente; Deven McGraw, CDT’s Health Privacy Project Director; and Julie Murchinson, Managing Director of Manatt Health Solutions. Leslie Harris, President and CEO of CDT, moderated a discussion that quickly became an active one among both panelists and attendees.

The focus was initially on California and a recent paper released by CalOHIII largely raising concerns about “secondary” uses of health data (the paper will be available online shortly, check back here for a link). Such uses are often cited as raising greater privacy concerns. Yet the use of data for secondary (beyond individual treatment) purposes – such as for quality measurement and comparative effectiveness research – are key to achieving greater health system reform, raising the question of whether they should be relegated to secondary status.

The panel also spent some time discussing the appropriate role of individual consent in protecting privacy. The CalOHIII paper presents pro and con views on an “opt-in” approach to electronic health information exchange. CDT also has published papers raising doubts about the ability of privacy policy frameworks anchored by “notice and consent” to protect individual privacy.
via cdt.org