mailitics

STAT+: Dozens of hospitals demand better security for patient record sharing in letter to officials

STAT+: Dozens of hospitals demand better security for patient record sharing in letter to officials










More than 60 health systems have sent a letter to officials running national health record exchanges, asking them to take action to prevent “bad actors” from accessing patients’ health information. The letter follows a lawsuit last week from electronic health record company Epic, which outlined the actions of several such alleged “bad actors” in its complaint.

The letter was sent to Mariann Yeager, whose organization The Sequoia Project runs a private health exchange framework called Carequality. It was also sent to Principal Deputy Assistant Secretary for Technology Policy Steve Posnack, who oversees the Trusted Exchange Framework and Common Agreement, or TEFCA, as part of the nation’s health IT office. As CEO of The Sequoia Project, Yeager is also responsible for the operation of TEFCA, which Sequoia runs under a contract with the government.

Because of the way the frameworks and health privacy and exchange laws are set up, anyone who claims to be a health care provider is allowed to join the network of health care providers who share patients’ electronic records and is allowed to request and receive them. This enables organizations who pose as providers to potentially obtain sensitive health records they do not have a legal right to see. That issue is at the center of the recent Epic lawsuit against Health Gorilla, one of the organizations that can onboard new members onto the exchange network.

Continue to STAT+ to read the full story…






Brittany Trang





Go to statnews




Posted

in

, ,

by

leeanne

Tags: