Digital Medical Records' Privacy a Problem
Even as health care reform debate continues, changes to how your health care information is stored and shared have already begun.
And your doctor may not be the only one looking into your records, as CBS News medical correspondent Dr. Jennifer Ashton reported on "The Early Show" in our "Somebody's Watching You" series.
The health information technology revolution, Ashton said, began under the Bush Administration and has continued under President Obama with the goal of having the medical records of every American on a computer, as opposed to a shelf in the office of your primary care provider.
The goal, Ashton said, is to provide more efficient health care services, but protecting a patient's privacy is proving to be a challenge.
New laws under health information technology have come online this year, and among them is one that notifies patients when their data has been breached.
Breaches have occurred in hospitals, as it did in North Carolina in September. A computer hacker from the Ukraine got access to thousands of patient records at the University of North Carolina.
Dangers of Sharing Music Files
Too Much Video Surveillance?
Dr. Matthew Mauro, of the University of North Carolina Medical Center, told CBS News, "Approximately 160 to 180,000 women's personal identifications and information were on the server."
Elizabeth Page, a patient whose information was kept at the University of North Carolina, said, "I don't know if they were looking for health information. I don't know if they were just looking."
Send Dr. Jennifer Ashton your question for "Ask It Early"
Dr. Jennifer Ashton's Twitter page
However, Ashton reported what was more concerning for Page was that her information was even at the University of North Carolina. Apparently her information had been transferred from a private radiology lab after a routine mammogram -- and then made part of a study without her consent, Ashton said.
"I always assumed that if they were going to transfer my information somewhere else that they would have to get my permission to do that," Page said.
However, Ashton pointed out that consent is not always a requirement. She said doctors regularly -- and legally -- share patient information with health insurers, pharmacies, and researchers without ever notifying the patient.
Mauro said that kind of sharing is "quite common" in large databases of patients.
The University of North Carolina breach, Ashton said, helped fuel a broader debate over medical privacy and importance of protecting of patient information, as paper files become digital data.
President Obama has said that he hopes to computerize all of America's medical records within five years. And to get that national network of patient records started, Obama added $20 billion to the Stimulus Bill.
Deborah Peel, a psychiatrist is the founder of Patient Privacy Rights, a patient privacy advocacy group.
She says, "The key to the success of electronic health records is patients control who can see their information. ... We have no control over who can see our electronic health records. None."
So how safe will a national network of patient records be?
Several private health providers have already gone digital with embarrassing breaches of patient confidence.
This year Kaiser Permanente paid $250,000 in fines after 21 unauthorized employees accessed the digital records of reality television star Nadya Suleman, the so-called "Octomom."
Peel said, "The same things that happen to celebrities could happen to any of us. And it's not right."
Page said, "The patient does not have the right to control who sees their information and when. It's very important that we recognize that should be a basic right in the United States."
However, Ashton added there aren't any guarantees with computerized systems or paper records.
She said, "Even with the old-fashioned hard copy medical records, that privacy or confidentiality can still be leaked. We've seen that in hospitals with antiquated systems and we've seen that even in doctor's offices. But online medical records are the wave of the future and overall, the benefits outweigh the drawbacks."