MinnPost reports on a hearing held by Sen. Al Franken (D-Minn.) as chairman of the subcommittee on Privacy, Technology and the Law of the Senate Judiciary Committee concerning medical privacy:
Sen. Al Franken made it clear Wednesday he’s a big proponent of converting medical records to digital form, but he acknowledged the “very real and very serious privacy challenges” that come with doing so.
Franken convened his second hearing as chairman of the Senate Subcommittee on Privacy, Technology and the Law on Wednesday to address just that topic. His main complaint: federal agencies directed to enforce digital medical record regulations enacted by Congress have not yet done so.
In 2009, Congress passed the “HITECH Act” as part of the American Reinvestment and Recovery Act, which incentivized doctors and hospitals to switch their records to electronic form as well as impose new penalties for data breaches. […]
Total, there have been 364 “major breaches” of 18 million patient’s private data since 2009, Franken said. Meanwhile, enforcement of data privacy laws have been lax — out of the 22,500 complaints the Health and Human Services Department has received since 2003, it’s levied only one fine and reached monetary settlements in six others. Of the 495 cases referred to the Department of Justice, only 16 have been prosecuted. […]
Deven McGraw, the director of the Center for Democracy and Technology’s Health Privacy Project, agreed that enforcement could be stronger. She also called for more regulations meant to push companies that store digital data to do in more effective ways.
McGraw said she favored “a more comprehensive set of privacy protections for consumer data … This environment, the wild, wild West for data is not an environment of trust.”