Subcommittee must require real patient control of data and compensation for breaches

FOR IMMEDIATE RELEASE
Contact: (202) 675-2312, media@dcaclu.org

Washington, DC—The American Civil Liberties Union urges the House Energy and Commerce Subcommittee on Health at today’s hearing to develop privacy and security standards at the same time the health care industry converts from paper to electronic patient records.  The ACLU warns that without real patient controls and compensation for misused data, American medical records are extremely vulnerable to being lost or stolen from these systems.

“Right now, patient information is at risk of becoming a commodity that business can sell or trade,” said Timothy Sparapani, ACLU Senior Legislative Counsel.  “Medical privacy should not become a casualty of the race to set up electronic health records.  We need real patient control of data and damages for misuse or theft.  Patients must be able to review files, correct bad data, and block access without consent to personal information.  The legislation before the subcommittee does not have these protections.”

Sparapani noted, “There is tons of money behind a bill to encourage electronic health records.  The bill under consideration at today’s hearing takes the de facto industry standard from 43 states and makes it universal.  This bill only forces the 7 states that do not have notice and breach provisions for when any company has a data hacking or data loss to notify patients that their data has been compromised and to protect against identity theft.”

Several bills aimed at developing a nationwide electronic network for storing and sharing Americans medical information in order to reduce medical error, improve patient care and possibly save money are moving through both houses of Congress.

# # #