October 1, 2012 is the official deadline for healthcare providers to submit their implementation of EHRs, electronic health records, to take advantage of the millions of dollars in incentives provided under ARRA, American Recovery and Reinvestment Act of 2009, and the HITECH Act, Health Information Technology for Economic and Clinical Health which is part of ARRA as well as the Affordable Care Act. For those providers who have not implemented such EHRs by 2015, penalties start being charged.
For consumers this means that EHRs have arrived and will expand over the next few years. Except with little attention to more than a cursory mention of the privacy concerns to patient information and with less attention to the fact that no provision is made to return any of the money saved by healthcare providers or government to citizens, this part of Affordable Care and President Obama’s approach in general can leave citizens worried.
President Obama’s strategy continues to be one where he meets his own objectives such as passing a healthcare law, or implementing electronic health records while ignoring or downplaying the weaknesses in his goals that can negatively impact citizens. When called on any particular negative issue the President blames essential compromise without considering that perhaps prematurely passing laws without adequate protections for predictable risks is unwise.
While this strategy is effective because it enables The President to control and steer the public conversation in the direction of those provisions he believes will be the most popular such as the removal of pre-existing conditions as a justification for being denied insurance, it leaves us with only half-information about the impact on our lives from the Affordable Care Act.
Ultimately, while the truth-telling ability of both candidates has been challenged, in general, I prefer an out-and-out lie to a lie of omission because a lie of omission can seem like the truth.
When electronic health records, known as EHRs or EMRs for electronic medical records, were sold to the public it was their usefulness in protecting patients and in reducing healthcare costs from duplication of services that were emphasized.
Of course risks to patient privacy and the failure to include any requirements that cost savings to healthcare providers achieved by EHRs be passed onto consumers were not addressed. And the value of EHRs is seriously compromised by both these omissions first because data security breaches are commonplace and secondly because savings to healthcare providers that are not required to be passed on to patients merely improve their bottom line not ours.
And there’s a reason that these issues are not adequately addressed. It’s because EHRs are purposed to save money for government and healthcare providers, their implementation is not for the benefit of patients and consumers.
Sadly it’s moving forward in spite of its major risks to the privacy of medical data and inadequacy of enforcement strategies including financial remedies such as liquidated damages for consumers whose privacy has been breached.
If you look up the Affordable Care Act timeline you’ll arrive at a Healthcare.Gov page describing the EHR rules under the heading, “Reducing Paperwork and Administrative Costs.” And of course, the legislation and its provisions are focused around this goal of reducing costs, not ours but the government’s and those of healthcare providers.
Only in terms of a sales pitch are the words “…most importantly, improve the quality of care,” thrown in at the end of the descriptive language because in fact while the hope is that improved care might be a byproduct of the legislation, the purpose of the legislation is to save money as its title indicates.
Unfortunately, like other provisions of the Affordable Care Act, the approach shows a grotesque disregard for potential negative impacts on patients through the misuse and breach of confidentiality as well as for mistakes that occur in electronic recordkeeping. Most security experts believe that there are significant risks of breaches of patient records. Honestly, in lieu of virtually weekly reports of enormous data breaches it is remarkable that such risks are so poorly addressed.
You can find information concerning an obligation to report breaches of privacy to those whose records have been breached in HHS (Health and Human Services) pages dealing with, “HITECH Breach Notification, Interim and Final Rule.” Yes the familiar HIPAA law that has proven virtually useless in protecting patient privacy is once more rolled out to cover patient privacy and the risks of EHRs, to be administered by the Office for Civil Rights, the OCR.
It is this repetitive tactic that the President uses which is to get something done that meets his priorities while ignoring or largely ignoring predictable negative impacts on citizens that make his policies and his approach to his presidency untrustworthy to many citizens.
