The CDC has built a nearly real-time H1N1 tracking system called FluView. But how do they get this data? They get it directly from doctors, clinics, and hospitals of course!
The CDC said it is now tracking data on 14 million patients from physician practices and hospitals that is stored on a relational database hosted by GE Healthcare, General Electric Co.’s health care division. The data is submitted daily from physicians’ offices and hospitals that use GE’s electronic medical record (EMR) system. The data is then uploaded to a database used by GE Healthcare’s Medical Quality Improvement Consortium (MQIC), a group of EMR users who have agreed to pool their data. Once it is in the MQIC database, which was designed according to HIPAA-compliance parameters of patient anonymity and best practices, it can be queried.
I wonder if any of the patients signed a consent form or waiver to allow their medical data to be used in this way? I wonder if any of them even realize their medical data is being passed around with 3rd parties like a cheerleader in a football locker room?
Whenever I sign forms at a doctor or dentist office, there’s a clause in there that says you give them permission to share your medical info, in aggregate and without personally identifying you, for purposes like this. It’s generally lumped in with the clause that gives them permission to send medical info to your insurance company so they can file claims…which makes it awkward not to sign it.
True, I have seen that clause myself when I was at the oral surgeon’s office. My family doctor though has a slightly different clause that specifically calls out insurance providers. I’ve not been there in years though, I should pop in to see if they have changed their release forms.