The National Committee on Vital and Health Statistics, an advisory committee to the Health and Human Services Department (HHS), has called for stronger privacy protection as health records are digitized and delivered across networks.
The committee prepared a report, which recommended less reliance on the Health Insurance Portability and Accountability Act of 1996, in response to a request from the Office of the National Coordinator for Health Information Technology.
Instead, the committee called for “a transformation, in which the focus is on appropriate data stewardship for all uses of health data by all users, independent of whether an organization is covered under HIPAA.”
The intention of the report was to examine issues relating to secondary uses of health data, uses other than caring for the patient. The committee determined that secondary uses were often-misunderstood labeling and also potentially a pejorative labeling.
The report, “Enhanced Protections for Uses of Health Data: A Stewardship Framework for ‘Secondary Uses’ of Electronically Collected and Transmitted Health Data,” offered more than 20 specific recommendations, most of them for HHS officials.
The committee said HIPAA protections are effective when the health records are used by those actually caring for the patient, but the more removed the user is from the patient, the less assurance there is that the data will be protected. The report also raised concerns about the sale of health data, the adequacy of de-identification techniques, the numerous state and federal laws covering health information privacy and the difficulty of distinguishing between research using health data and quality improvement programs using the same data.