LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Google health records online
From:	"Allen, Doug" <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Wed, 21 May 2008 13:40:28 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (73 lines)

Chris made some very good points in his posting. This is actually a
great discussion. Chris - I'll "add" a bit to what you said and hope
that you don't mind.

HIPPA

The HIPPA regulations may not apply. Perhaps they should, however. In
this area unfortunately, I believe that it would be helpful to protect
consumers against what they don't know, or what they've not considered.

Privacy

It is true that if any of us places any information online, our
expectations of privacy are minimal at best. However, in such cases,
full and complete disclosure (in non-legalese) should be provided to
ensure that consumers are alerted quite plainly that they are waiving
their privacy rights to such records, or that they may be waiving those
rights.

Access / Security

This is one area where we need to recognize that putting "people in
jail" isn't quite as easy as it may seem. There's no real legal
recourse to those who are outside the boundaries of the U.S. - Ever try
to "arrest" a Nigerian national, Chinese national, or for that matter,
any other national in those countries where stealing identities, and
running scams are commonplace? (BTW, I'm using those examples ONLY as
examples and am not casting aspersions on either country. These are
illustrations only!).

As for "due diligence", when it comes to medical records, "we" might
wish to demand better. Even identifying the source of identity thefts
has been a challenge in the credit area, I would expect that to be no
easier in trying to identify who actually obtained access to electronic
medical records.

Viability

I'm not opposed at all to ensuring that medical records are electronic
and can be made available to medical professionals whenever I'm seeking
or in need of treatment. However, until I see more adequate
protections, I certainly won't be signing up to place my medical records
online.

Records Concerns

What are we worried about? - Privacy Rights, inadvertent disclosure of
medical information to those who have no business seeing such records.
I've not waived such rights, and won't voluntarily do so - not without
better protection and better recourse. Records Concerns? Unauthorized
access is a records concern. What is my solution? - Better disclosure
by google, inclusion of HIPPA requirements for those who host any form
of medical records. Does AMA need to be involved? - Maybe. I think
that AHIMA and ARMA and a few others should be.

What is "my solution"? I don't believe that any of us needs to come
fully equipped with "the answer" here. HIPPA expansion might be a good
idea, very tight security standards for medical records would be another
- as would the assurance that Google and others were following such
standards.

Just a few additional thoughts.....

Douglas P. Allen, CRM, CDIA+
[log in to unmask]

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US