We wrote last week about efforts to promote use of electronic health records (EHRs), but a report by the State Alliance for e-Health featured this week in HFMA’s “In the News” pointed out barriers to widespread EHR adoption beyond skewed financial incentives. Among the more interesting, and in some ways uniquely American, are concerns about consumer privacy.
Privacy concerns over EHRs are distinctly American for several reasons. First, privacy concerns are deeply rooted in America’s culture and laws, stretching back to the Bill of Rights and the Fourth Amendment’s prohibitions on “unreasonable searches and seizures.” Second, America’s federalist system of government, in which power is divided between national and state governments, can lead to a confusing network of regulations protecting consumer privacy. And third, if Americans feel that their rights have been violated, they are typically not shy about pursuing their claims in the courts or in the media.
The privacy values embedded in the Fourth Amendment may not provide much actual protection to consumer EHRs. The Supreme Court has held, for example, that individuals lose any constitutionally protected privacy interests in financial information that they “voluntarily” hand over to a third party. Thus, when you give a credit card to a store clerk, you are giving up any constitutional claim to the privacy of that information.
There is a significant difference, of course, between financial information and the highly personal information that may be contained in an EHR. A court could determine that providing a blood sample to a lab technician is a less “voluntary” act--and one that raises more intense privacy concerns--than providing financial information to a bank. But courts have so far been unwilling to accept a Fourth Amendment challenge to EHRs.
Where the Constitution stops, legislators are free to step in. While state legislators cannot pass a law that contradicts a federal law, they are free to require protections that exceed what federal law requires. As the State Alliance for e-Health’s report notes, “When state and federal laws are layered together at the practice-level, providers may find variable privacy requirements daunting. Rather than risk non-compliance, they most often seem to take an extremely conservative approach to sharing health information.” Given the bad publicity that companies have received over stolen laptops, and the potential liability they face, who can blame hospitals for dragging their feet?
The digital age is putting longstanding notions of privacy under pressure. There is clearly a generational divide on where the line between “private” and “public” falls, but Americans of all ages have proved willing to sacrifice a little privacy for the convenience of credit card purchases, online bill paying, etc. Still, resistance to EHRs remains, and will probably require a legislative solution that aligns state and federal laws, as well as a coordinated effort to convince the public that their health information is being treated in a way that both respects their privacy and improves the quality of the care they receive.
