How Secure is Your Medical Information?
Two of the most bandied-around concepts in healthcare are those of privacy and confidentiality. Even before HIPAA mandated measures to ensure that health information be
safeguarded, medical professionals felt ethically bound not to disclose medical information to those who were not authorized or had a distinct "need to know."
The Health Insurance Portability and Acountability Act of 1996 (HIPAA) just codified those practices, laying down specific guidelines for implementation, and spelling out the adverse consequences of violating those principles.
Most of us feel our information is pretty safe. As recently as last week I received notification of lab results on my smart phone and I often log in to my medical record through a "secure" portal using my cell phone or iPad. That is all part of the convenience and immediacy provided by technology. Each site is password protected and I am typically reassured by the hypertext transfer protocol secure ( https://) designation that pops up on "secure" sites.
Recently we all heard through a whistleblower insider that the government has in effect being spying on us. The subsequent information coming from providers like Google, Facebook, AOL, Yahoo, Verizon and others indicate the extent of the information routinely accessed by the government's National Security Agency (NSA) and its civilian contractors.
Under a classified program called PRISM, the NSA surveys the communication that flows through the servers of these American-based companies on the pretext that some of that information to and from overseas might indicate a national security threat.
So if you have emailed "confidential" information, shared "private" information electronically with friends, conducted business, accessed "secure" sites, there is the possibility that the government was looking over your shoulder. How does that make you feel?
The feeling that as a law abiding citizen you have nothing to hide might be true but naïve. The current claim that information is gathered and aggregated but not necessarily analyzed might be little comfort. How much of your information has been gathered and stored? What might this information be used for in the future? How comfortable are you with the idea that even your medical information you'd rather keep private might in fact be no longer private?