More on the Essential Harmonization of Meaningful Use and Privacy & Security Policy

by Carol Selvey

Federal advisers understand the connection between meaningful use and privacy and security but are still slow to articulate exactly how to assure consumers that their digital medical data will be secure. Evidence of this was voiced at the HIT Policy Committee meeting last Monday, where it was noted that a risk “assessment is the only privacy or security requirement providers must meet if they are to qualify for meaningful use of health IT in 2011.”  Privacy and security are fundamental to defining meaningful use. Without confidence that records are secure, adoption will be impeded.

Within two weeks of publishing guidelines related to meaningful use, a federal advisory panel met last week to begin the process of updating The Office of the National Coordinator’s (ONC’s) Strategic Plan. The original Federal Health Information Technology (HIT) Strategic Plan was published in June 2008 and covers the period from 2008 to 2012. The draft framework document identifies four strategic themes, including meaningful use and privacy and security.

It’s reassuring that both meaningful use and privacy and security are among the strategic themes. Clearly, for the public to receive full benefit from the new and improved HIT- enabled health system (hence, for meaningful use to be achieved), we need to resolve existing conflicts related to  securing electronic health information. Patients need to know that their data is maintained and shared appropriately so that it is accessible to optimize care. The draft plan sets the goals of building public trust and participation. This makes sense since MSNBC reports that at the recent annual International Consumer Electronics Show in Las Vegas both technology experts and consumers expressed concerns about public reluctance to embrace digital health. The lack of patient demand for electronic health records was cited as a major obstacle; according to David Cerino, general manager of the Consumer Health Solutions Group for Microsoft, the three conditions required for widespread acceptance are transparency, control and security.

We need to be sure that policymakers are aware of the significance privacy and security factors will affect adoption of electronic records and health information exchange. Only when consumers’ fears are addressed will we see a considerable universal upsurge in demand for health IT. Only then will the dollars spent and the incentives offered really have an impact on transforming our health system by engaging patients, improving care and reducing cost.