NY Times: “Microsoft and Google, the authors note, are not bound by the privacy restrictions of the Health Insurance Portability and Accountability Act, or Hipaa, the main law that regulates personal data handling and patient privacy. Hipaa, enacted in 1996, did not anticipate Web-based health records systems like the ones Microsoft and Google now offer.”
{ 3 comments }
So, how long before they start ‘data-mining’ your records?
No doubt they’ll come up with some sort of specious ‘opt-out’ program, but like end user licenses, it’ll be buried in fine print and lawyer double-talk.
PHRs are a bad, bad idea if you value your privacy–and if you don’t now, you may later, but privacy can never be taken back.
“Hipaa, the main law that regulates personal data handling and patient privacy.”
As with much of what is written about patient privacy, this is incorrect. Leaving aside the assertion that the primary protector of patient privacy is the Hippocratic Oath, even as a legal rule, HIPAA is not primary. It is clearly superseded by state statutes where they are more stringent than HIPAA–and most are in at least some respects. It is also trumped by physicians’ obligations established in common law.
In other words, you can be Hipaa compliant and still unethical and illegal and get your socks sued off of you. You just won’t be fined by the feds for violating HIPAA.