a) backs up her statement about EHR vendors selling identified data (and breaking the HIPAA law in the process) and

b) answers the accusations about her endorsement of Microsoft’s HealthVault from Fred Trotter and the rest of the open source zealots (including what she received in return for said endorsement),

her credibility remains severely suspect.

“electronic health records systems were NEVER designed to ensure Americans longstanding legal and ethical rights to control access to PHI” – False. Developing access controls to information in general has been a Computer Science discipline long before computerized medical records had been developed. Pretty much any advanced EMR system has access controls built in, along with overrides and datra access audit logging to protect PHI. These access controls are connected to patient consent. What is not there is absolute consumer control over PHI, which in my opinion is just as dangerous as no consumer control over PHI. I am sure both Rogue and Dr. Peel would prefer that their whole medical history is available to the ER doctor in a hypothetical care episode when an unconscious patient cannot give any consent.

“[Electronic health information systems] were designed to deliver information to corporate end-users.” – false. Anyone familiar with computer systems design would realize that the requirements for data mining and other “corporate use” are often incompatible with the requirements of an online transaction processing system. EMRs have to be designed with the latter requirements, otherwise they would be unusable by nurses and physicians. There are plenty of examples what happens to EMR systems when the users find them too cumbersome to use – they get de-installed.

Back to the original questions by Rogue. In that scenario, it is highly unlikely that the old information will be easily shareable between institutions, unless there is a specific need for it. The reason is that medical information is highly contextual, so one cannot just get a piece of data and move it around. There are two conceptual ways to share EMR data – an event triggers information push from the data source, or an event triggers information pull from a data consumer. In both cases there must be some need for the information to be provided or requested – for example allergies and immunization history are important pieces of information, which transcends individual encounters, so they are likely to be shared in a patient summary transaction between health care organizations. 10-year old psychiatric visit may be shared if there is a current psychiatric visit which triggers a request for previous such information from other systems, however the privacy controls in the current system would have enforced patient consent in both cases.

The areas where insurance information is shared among non-healthcare institutions is much more murkier to me, so I don’t have a good understanding about the way information may be shared in such settings.

For more information on what to look for in EMR/EHR systems that provide the necessary functionality for patient privacy and confidentiality, one can take a look at the HL7 EHR Systems Functional Model: http://www.hl7.org/ehr/downloads/index_2007.asp

Another specification, which addresses some of the issues of respecting patient consent in the context of healthcare information exchange, is the IHE Basic Patient Privacy Consent (BPPC) profile, part of the Patient Care Coordination (PCC) framework: http://www.ihe.net/Technical_Framework/index.cfm#pcc