Patient Privacy Principles
The following Patient Privacy Principles should be included in all Health IT legislation:
- Recognize that patients own their health data
- Give patients control over who can access their electronic health records
- Give patients the right to opt-in and opt-out of electronic systems
- Give patients the right to segment sensitive information
- Require audit trails of every disclosure of patient information
- Require that patients be notified of suspected or actual privacy breaches
- Provide meaningful penalties and enforcement for privacy violations
- Require that health information disclosed for one purpose may not be used for another purpose without informed consent
- Ensure that consumers cannot be compelled to share electronic health records to obtain employment, insurance, credit, or admission to schools
- Deny employers access to employees’ medical records
- Preserve stronger privacy protections in state laws