[Med-privacy] HIT & regulation

[peter marshall]

  =09
[....]
By Kirk J. Nahra
January 2008 | Privacy in Focus

[....]

At the big-picture level, the ongoing development of health information=20=

technology presents an enormous challenge to the overall health care=20
regulatory structure. The marketplace for health information technology=20=

is evolving far faster than the regulatory system. There are enormously=20=

complicated regulatory challenges (including some of the privacy and=20
security issues that I am involved in through the AHIC Confidentiality,=20=

Privacy and Security Work Group), but the difficulty of resolving these=20=

critical issues threatens to delay realistic progress in developing=20
health information technology. There's also the "real world" risk that=20=

a failure to act quickly enough to form a regulatory framework will=20
mean that the marketplace will develop without appropriate regulatory=20
controls.

The primary challenge now is to find a realistic and widely approved=20
means of encouraging swift development and adoption of health=20
information technology, while, at the same time, developing a realistic=20=

regulatory structure, even if it is not a perfect regulatory structure.=20=

At the same time, the privacy and security issues that are arising in=20
the context of electronic records=97 mainly, the question of whether we=20=

can develop appropriate privacy and security controls while still=20
achieving the goals of anintegrated health information exchange=20
environment=97are so significant, and raise so many questions about the=20=

current state of health care privacy laws, that this evaluation of=20
privacy and security issues for electronic medical records and personal=20=

health records will drive a wholesale re-evaluation of the overall=20
privacy and security rules for the health care system. ...=