ALL ABOUT PRIVACY IN HEALTH INFORMATICS



external image Privacy_Lock_300_jpg.jpg

Basic Defenition: Privacy in Health Informatics is the reassurance of security of patient information in the medical field and that all records will only be visible by those authorized.

The Balance of Privacy:

Patient Privacy is something that teeters on a fence between two extremes. The goal that most organizations have is to have an absolute balance, for should it tip to one side, the data would be come useless. In order for medical research to become possible, patient privacy cannot be to extreme to where all medical data to doctors becomes virtually useless. Doctor’s require this data to help develop the practices of evidence-based medicine and overall care for patients. Should the other side of the spectrum be attained, anybody who has a medical record would be exposed to the general public whether it is upper management, a nosy neighbor, etc. This only emphasizes the importance of Patient Privacy in Health informatics.


Why does it matter if it is private?

If everyone had access to everyone’s medical record the world would be a much different place to live in. The best hard-hitting example would be that it would be much harder for someone to find a job. In a recent poll done by Quantam Healing, 68% of patients said that it was important that employers did not have access to their medical records. This is because things such as pre-existing conditions come into play during the hiring process and an emplyer who is looking to hire is not going to hire someone who will cost more in health care and the other one due to high insurance premiums.


Technology in Privacy

Information Technology helps maintain the ease of privacy when before they were manually operated. With IT in the field, data becomes much easier to mine and sift through when it is placed into a repository. The advantage of medical research through Information Technology not only assures the privacy for patients but helps make improvements for patient care as well. This is done through informatics by having “the ability to apply safeguards in a uniform manner to allow protection of patient privacy.”


The Basics of Health Informatics in Patient Privacy
Since the health informatics field is constantly being updated and new ideas are being formulated it would be very difficult to set forth a very strict set of guidelines to blanket over the entire field to ensure privacy of information. The Waterloo Institute for Health Informatics Research decided that instead of creating these guidelines they would put forth a set of general concepts that should be used regarding the privacy of this information. These concepts are the following:
The Waterloo Institute for Heath Information research Guidelines
Recognize the interest and concerns of visitors and the businesses linked to the directory in developing information management principles.
Institute and develop procedures to safeguard the security of visitors' personal information, governing access to, use of and disclosure of personal information.
Execute accurate record-keeping procedures.
Only disclose personal information about visitors to unrelated third parties after the visitor has been informed in advance of the possibility of such disclosure and given the opportunity to decline (i.e. "opt out").
Remain flexible in responding to changing visitor needs and expectations regarding privacy as information networks such as Health Informatics evolve.


The following is a timeline that the Federal Health Privacy Regulation has progressed in the sense of patient privacy:

timeline.jpg




1996: Congress enacts the Health Insurance Portability and Accountability Act (HIPAA), which gave Congress three years (until August 1999) to enact comprehensive privacy legislation.


August 1999: Congress did not meet its self-imposed deadline to enact privacy legislation.


November 3, 1999: HHS Secretary Shalala published draft privacy rules in the Federal Register.

February 17, 2000: Public comment period closed. HHS received more than 52,000 comments on the draft, over half of which came from consumers and their representatives. Click here for Health Privacy Project comments.


December 28, 2000: HHS Secretary Shalala published the regulation in final form in the Federal Register. The text of the December 2000 privacy regulation is available at http://www.hhs.gov/ocr/hipaa/finalreg.html. It is also available at http://aspe.hhs.gov/admnsimp/bannerps.htm. Click here for Health Privacy Project overview of the December 2000 regulation.


February 28, 2001: HHS Secretary Thompson opened the privacy regulation for a 30-day public comment period. Click here for Health Privacy Project comments.


April 14, 2001: The regulation is effective, but covered entities do not yet have to comply with the regulation.


July 6, 2001: HHS issued guidance on the regulation. This guidance document is available at http://aspe.hhs.gov/admnsimp/bannerps.htm. Note: HHS intends to issue revised or additional guidance to reflect the August 2002 modifications to the privacy regulation.


March 27, 2002: HHS published in the Federal Register proposed modifications to the privacy regulation with a 30-day comment period. Click here for Health Privacy Project comments.


August 14, 2002: HHS published final modifications to the regulation in the Federal Register. Click here for Health Privacy Project press release. Click here for Health Privacy Project summary of the regulation (as of August 2002). Click here for the unofficial text of the privacy regulation. HHS intends to issue further guidance on the privacy regulation to reflect the modifications released in August 2002.

October 8, 2002: OCR releases frequently asked questions about the privacy regulation. The FAQs is available at http://www.hhs.gov/ocr/hipaa/whatsnew.html.


October 15, 2002: The modifications to the regulation are scheduled to take effect. Compliance is not yet required.
April 14, 2003: Covered entities must be in compliance with the regulation, except small health plans.

April 14, 2004: Small health plans must be in compliance with the regulation.



Web Resources:
Waterloo Institute for Health Informatics
Health Privacy Project - State
Health Privacy Project - National


References:
"Patient Privacy and Health Informatics." Quantum Healing. Quantum Healing, 2009. Web. 17 Oct 2010. <http://www.ulht.org/47-patient-privacy-and-health-informatics>.