Patient Privacy May Be at Risk with E-Records

Published February 1, 2008

Nine health care companies have joined forces to create a consortium urging better security safeguards in electronic health records.

The group–which formed in early December, at press time had received more than 40 applications from other companies hoping to participate, and expected to have 155 members by the end of February–is drafting a set of security standards it hopes to have in place by the end of the year.

“The industry has come to recognize that the current model for security isn’t working,” Daniel Nutkiss, chief executive of Hitrust, the Texas-based group created to oversee the project, told The Wall Street Journal for a December 5 story. “[The new standards will enable companies] to trust the people accessing their systems.”

Vagueness in current laws allows each company to determine its own path to making sure patients’ data are secure, forcing all of them to audit the practices of other companies with which they do business. A single set of industry-approved standards would streamline the process and create identifiable benchmarks, the consortium says.

Karla Dial ([email protected]) is the former managing editor of Health Care News.