Health information technology (“health IT”) has tremendous potential to improve health care quality and reduce costs while empowering patients to play a greater role in the management of their own care. At the same time, however, electronic storage and exchange of personal health information poses risks to privacy. Unaddressed, privacy concerns can stand in the way of realizing the benefits of health IT, for neither patients nor providers will make full use of a system they do not trust.
In March 2008, CDT launched a major initiative to address the complex privacy issues associated with the growing use of health IT. CDT’s Health Privacy Project takes on key policy questions, including: the proper role of notice and consent, the right of patients to access their own health records, identification and authentication, secondary uses, and enforcement mechanisms. Drawing on CDT’s credibility in technology and policy and our leadership as privacy advocates, our Health Privacy Project is bringing the voice of a pragmatic expert to the health privacy conversation. It addresses both the traditional exchange of records among health plans and providers, as well as new consumer access services and personal health records. *