Are there uniform standards or minimum standards for electronic medical records?
There are some protections in the Health Insurance Portability and Accountability Act of 1996, or HIPPA, and there are some in the new stimulus bill. But several key protections are still missing: The prohibition on the sale of medical records is weak and full of loopholes. It also doesn’t apply to vendors, such as Microsoft or Google. Both companies have agreed to contracts that say they won’t release your information, but there is no law mandating that they don’t sell the information. The breach provisions requiring companies to notify patients when electronic medical records are accessed does apply to Google and Microsoft. However, there are safe-harbor provisions that let companies off the hook from the notification requirement if the breach occurred in “good faith.” The federal law on the books only requires that patients are notified when their information was disclosed in the course of treatment but not how it was used. As a result, the patient will not know which hospital perso
