The March 2009 issue of Security Magazine, in an article updating security leaders on privacy, will report a growing concern that the Economic Stimulus legislation may redefine the privacy of healthcare records.

Reportedly Google is pushing for the provisions so it may sell patient medical information to its advertising clients on the new "Google Health" database: https://www.google.com/health/

The advocacy organization Consumer Watchdog is proposing more stringent regulations to be built into the Stimulus legislation.

For hospitals, health insurance firms and healthcare facilities, their administrators, IT and security executives must follow the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule, issued by the U.S. Department of Health and Human Services. The Office for Civil Rights enforces the Rule, which protects the privacy of individually identifiable health information, and the confidentiality provisions of the Patient Safety Act, which protects identifiable information being used to analyze patient safety events and improve patient safety.

The Rule has teeth.

It gives patients an array of rights with respect to information about them. At the same time, it’s balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes.

There is, however, a potential privacy fight brewing relative to the electronic medical records provisions of the Economic Stimulus legislation. Google is in a beta test of Google Health, aimed at citizens so they can be “in charge of (personal) health information.” Among the services: People can organize their health information all in one place as well as gather medical records from doctors, hospitals and pharmacies.

Reacting to a rumor that the search firm may lobby Congress to allow some level of the sale of electronic medical records in the current version of the Stimulus legislation, advocacy group Consumer Watchdog called on Congress to remove loopholes in the ban on the sale of medical records and include other privacy protections absent from the current bill such as giving patients the right to an audit detailing who had accessed their medical records and how the records were used.

The non-partisan Consumer Watchdog called on Google to cease a rumored lobbying effort aimed at allowing the sale of electronic medical records in the current version of the Economic Stimulus legislation. Consumer Watchdog called on Congress to remove loopholes in the ban on the sale of medical records and include other privacy protections absent from the current bill such as giving patients the right to an audit detailing who had accessed their medical records and how the records were used.

In the letter sent to Congress, Consumer Watchdog wrote:

"Americans will benefit from an integrated system capable of making our medical records available wherever we may need them, but only if the system is properly used.

"The medical technology portion of the economic stimulus bill does not sufficiently protect patient privacy, and recent amendments have made this situation worse. Medical privacy must be strengthened before the measure's final passage, rather than allowing corporate interests to take advantage of the larger bill's urgency. ...

"First and foremost, electronic medical records should be designed to benefit patients, not the corporate interests lobbying hard on Capitol Hill to get a piece of the $20 billion in taxpayer subsidies provided for this project."

http://www.consumerwatchdog.org/