Blue Shield of California and Anthem Blue Cross joining forces this week was big news in healthcare, as a total of 9 million customers will have their records in the new comprehensive network, Cal INDEX.
However, this large health information exchange (HIE) has also spurred some long-term privacy concerns among healthcare patient privacy experts, some of who are against “opt out” HIEs and believe “opt in” HIEs are the better option for patients. “There are a lot of big pictures issues here that concern me,” said Pam Dixon, executive director of the San Diego-based World Privacy Forum, according to mercurynews.com.
In using the “opt out” standard, where patients must manually remove their records if they choose not to participate in their state’s HIE, the obvious detraction is that many patients may not be affording the HIE informed consent because they have no idea their records are even in the HIE.
HIE organization participants seem to be aware that patient trust in the privacy and security of their data is an important aspect to the exchange. “We know that patient privacy and security is just as important as having the most comprehensive medical records,” said Mark Morgan, president of Anthem Blue Cross, to mercurynews.com.
However, the true challenge is HIE data segmentation, both in terms of user access and the underlying technology. The Health IT Policy Committee Tiger Team has spent a great deal of time on data segmentation for behavioral health records, for example. How much access is necessary on a case-by-case basis isn’t immediately apparent and there don’t seem to be many easy answers. Though some health insurance exchanges have dealt with major security issues, there haven’t been too many stories about state HIEs lacking proper security measures. That doesn’t mean the threats aren’t out there, but to this point state HIEs haven’t been central hacker targets.