Opinion: Stronger Privacy Provisions Needed for Electronic Records
HEALTHCARE PRIVACY—U.S.August 5, 2010
In a Huffington Post editorial, attorney Marty Robins addresses concerns about the privacy and security of electronic medical records (EMRs). Though the private sector customarily employs firewalls, encryption and intrusion detection protocols, Robins says the government largely ignores security in its EMR regulations, only "strongly encouraging" encryption. "It is difficult to see how the public can be confident that their records will be handled properly when there is no explanation of the steps taken to make this true," Robins writes. He urges the administration "to publicly commit to and make a high priority the development and use of only state of the art technology and practices..." Center for Democracy & Technology health privacy expert Deven McGraw told the Daily Dashboard, "The HIPAA security rule allows providers some flexibility with respect to implementing certain specific safeguards like encryption. The risk of this approach is that it doesn't allow for us to confidently say to the public that a strong baseline of protections exists for electronic health information. It's hard to reassure the public with that level of uncertainty."