Thursday, April 17, 2008

Web-based personal health records

NY Times: "Microsoft and Google, the authors note, are not bound by the privacy restrictions of the Health Insurance Portability and Accountability Act, or Hipaa, the main law that regulates personal data handling and patient privacy. Hipaa, enacted in 1996, did not anticipate Web-based health records systems like the ones Microsoft and Google now offer."

Posted by Kevin | link | Comments (3) | Submit Web-based personal health records to del.icio.us Submit Web-based personal health records to digg Submit Web-based personal health records to reddit Submit Web-based personal health records to StumbleUpon


Comments:
So, how long before they start 'data-mining' your records?

No doubt they'll come up with some sort of specious 'opt-out' program, but like end user licenses, it'll be buried in fine print and lawyer double-talk.
# posted by Anonymous Fidel,MD : 8:45 AM
 
PHR are a bad bad idea if you value your privacy--and if you don't now, you may later, but privacy can never be taken back.
# posted by Anonymous Anonymous : 6:57 PM
 
"Hipaa, the main law that regualate personal data handling and patient privacy."

As much of what is written about patient privacy, this is incorrect. Leaving aside the assertion that the primary protector of patient privacy is the Hippocratic Oath, even as a legal rule, HIPAA is not primary. It is cleary superceded by state statues where they are more stingent than HIPAA--and most are in at least some respects. It is also trumped by physician's obligations established in common law.

In other words, you can be Hipaa compliant and still unethical and illegal and get your socks sued off of you. You just won't be fined by the feds for violating HIPAA.
# posted by Anonymous Anonymous : 7:00 PM
 
Post a Comment