Achieving the Right Balance: Privacy and Security Policies to Support Electronic Health Information Exchange

Electronic health records (EHRs) and the electronic sharing of health information offer the potential to improve quality and cost efficiency. In the past three years, major initiatives have been launched at the federal and state levels to encourage the adoption and use of health information technology (health IT). Although consumers overwhelmingly support health IT, they want to ensure that their personal health information is secure. According to a recent survey, more than 80% of doctors and the public believe that requiring safeguards for patient privacy is important in electronic health information exchange (HIE). Policymakers struggle to strike a balance between encouraging data sharing while maintaining privacy protections for patients. Consumer advocates maintain that building enhanced security into electronic health systems will bolster the public's trust and support for the increased use and appropriate sharing of health data.

This issue brief:

1. Discusses the importance of building a statewide (and nationwide) system of electronic HIE and the role that sound privacy and security policies should play in building and sustaining the public's trust
2. Offers patient- and consumer-based policy solutions to privacy and security concerns that balance individual and societal needs
3. Identifies gaps between current law and the attainment of a secure digital health ecosystem, and suggests areas that merit further attention from federal and state policymakers