Monday, November 29, 2010

What WikiLeaks Means for Health Care Privacy

"By releasing stolen and classified documents, Wikileaks has put at risk not only the cause of human rights, but also the lives and work of the individuals. We condemn in strongest terms, the unauthorized disclosure of classified documents and sensitive national security information."
Official White House statement yesterday regarding Wikileaks disclosure of diplomatic cables
No matter what people think of Wikileaks disclosure of approximately 250,000 classified diplomatic cables to the Internet yesterday with the help of the New York Times, The Guardian, Der Spiegel, and Le Monde, the implications to electronic health care information security are significant.

Day in and day out, I type huge volumes of information on my patients on a computer and my fellow physicians do the same. As a result, vast health care information warehouses are at the disposal of the government, insurers, and major health care institutions eager to become more efficient, strategic, or competitive. We are promised the information is private, confidential, and even stripped of its identifiers for group analysis. It is even protected to remain so by law.

And now we find that even the government's most sensitive and classified diplomatic data is subject to disclosure, some how, some way.

Worse, once the leak occurs, the government is powerless to correct the breech.

While a single individual's private health care information may not carry the gravitas of wartime communiqu├ęs, each of us deals with famous patients who might not want their diagnosis, HIV status, or drinking history spread far and wide. For them, this private information might be just as personally damaging as anything disclosed by WikiLeaks.

Yet in our new era of the Electronic Medical Record and government funding of health care in America, we now find that this potential loss of our health care privacy is the price (and risk) for care we'll have to accept.



WarmSocks said...

This is one reason that people will not be as honest with their doctors as they have been in the past.

When I trust my doctor and know that anything we discuss is between the two of us, then I can be candid. That's quite different than knowing that my private information is going to be typed into a computer and available to anyone and everyone who might ever gain access to the EMR. No matter how much I might trust my doctor, there is no reason to believe that information stored electronically will remain private. Even banks have security breaches.

Anonymous said...

I agree. Any computer connected to the Internet, any leased or discarded hard drive, any third-party access to data is a breach waiting to happen.