We are at an important juncture in the effort to build a health care ecosystem powered by information technology. The nation is at the beginning of a five-year commitment to achieve widespread adoption and use of electronic medical records by health care providers. The health care system suffers from unsustainable costs and uneven or poor quality, and increased digitization and more robust sharing of health information is widely seen as key to reversing these trends.
At the same time, the public consistently expresses concern about the privacy and confidentiality of digital health records.
Changes to federal health privacy laws enacted by Congress in 2009 have not been implemented due to regulatory delays, and breaches of electronic health data are far too common. Failure to build and maintain public trust in the collection and sharing of electronic health information will doom efforts to leverage health information technology (health IT) to promote innovation in the health care sector. In this testimony we discuss some of the key privacy and security challenges that will need to be addressed in order to provide a firm foundation for realizing the benefits of health IT.