[ Monday, February 20, 2006 ]


EHRs + Interoperability = RHIOs. David Brailer is speaking at the HIMSS annual meeting, and is pushing the need for EHRs to be able to communicate with each other so that a patient's health information can be shared by all of the various potential providers of care to that individual. That idea effectively creates a "regional health information organization" that is responsible for the network. Of course, allowing every possible emergency room that you might end up in and every physician who might be treating you to have access to your whole medical chart is a good thing for patient care; but if a bad actor can access one point on a network and easily travel over the whole network to access all that information, it could be used for bad purposes. So interoperability is bad for privacy.

Hmm. This has me thinking. I have a modest proposal: de-link social security numbers from healthcare. Push for individual identifiers that are not related to social security numbers.

Let me mull this over, but I think that's a light bulb over my head. . . .

Jeff [10:31 AM]

Interoperability is bad for privacy only if covered entities don't follow the security rule. As far as the individual indentifier is concerned--forget it--it will never happen.
Dave: As best we can tell, the Washington Cancer Center where Mr. Gibson (the only person to be subjected to criminal sanction under HIPAA) worked followed the Security Rule scrupulously. That didn't prevent Gibson from stealing identities out of the Cancer Center's database. Imagine if, instead of just fishing in the Cancer Center's pond, Gibson could get social security numbers from every provider database in Washington state.

The Security Rule isn't 100% prophylactic. Scrupulous compliance with the Security Rule won't keep people from misusing their access rights.

Now, imagine if Gibson had access to all provider databases in Washington state, but none of those databases had social security numbers in them. Sure, he could gain information about the individual's healthcare status, and potentially embarrass someone. But he couldn't do what he did.

I'm still working on a blog post on why a national identifier for healthcare would be a good idea. The biggest prize that bad actors can get from big PHI databases is not the medical information. It's the social security numbers and related financial information. If that wasn't there. . . .
Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template