New York aims to improve privacy of health information

New York state health officials are establishing a committee to improve protection of personal health information
New York state health officials are establishing a committee to improve protection of personal health information

Set up by the New York Department of Health and the New York eHealth Collaborative, SHIN-NY’s mandate is to update and create policy measures to protect PHI while expanding the state’s ability to share electronic health records among healthcare providers, consumers, and community resources.

The committee is composed of individuals from across the state with expertise in healthcare policy, including public officials, healthcare providers, attorneys, public advocates, regional health information exchange organizations, hospital leadership, and other policy specialists.

The committee includes Corrine Carey, senior policy counsel at the New York Civil Liberties Union, which issued a report critical of the state’s handling of patient privacy and the security of PHI.

“The state has endorsed a set of privacy and security policies and procedures for the implementation of health information exchange [HIE]. But these policies have significant flaws that pose challenges to the integrity of electronic record-sharing in New York State. Most significantly, these policies do not allow for patient control over the inclusion of their health information in the network”, the report found.

“In addition, the technological infrastructure used by the state’s HIEs represents an all-or-nothing approach: Once a patient consents to allowing a provider to gain access to his or her medical records, the provider sees everything that was ever entered into the network about that patient, regardless of whether the information is relevant to current treatment”, the report added.
 

What’s Hot on Infosecurity Magazine?