COVID-19 , Electronic Healthcare Records , Governance & Risk Management

ONC's Donald Rucker: More Work to Do on Health Data Privacy

'As a Country, We Really Haven't Sorted Out Privacy'
Don Rucker, M.D., national coordinator for health IT, HHS

Despite recently adopted final regulations designed to enhance health IT interoperability, prevent the blocking of patient information sharing among clinicians and ensure patients have secure access to their health information, many health data privacy issues still need to be addressed, says Don Rucker, M.D., national coordinator for health IT at the Department of Health and Human Services.

See Also: Healthcare in The Cloud: Detecting and Overcoming Threats to Ensure Continuity & Compliance

“As a country, we really haven’t sorted out privacy. The Europeans with their global digital privacy directives are taking a stab at it,” he says in an exclusive video interview with Information Security Media Group.

Rucker points to the need to ensure that health data collected by location-based technologies, wearable devices and websites is adequately protected. “I don’t think any sort of reasonable person looking at this would say we’ve really sorted out … what’s appropriate to share and when.”

’Faux’ Consent

Rucker also says “we still have a long way to go” to ensure that patients have a clear-cut right to consent to how their data is used.

“Getting a three-page consent form when you’re rolled into the ER or pre-op for surgery ... is not really consent. It’s a contract of adhesion, legally,” he says. “We do a lot of what I call ‘faux consent’.”

In this in-depth video interview, Rucker also discusses:

  • How more widespread health IT interoperability, secure health information exchange and patient access to records could have helped during the COVID-19 pandemic;
  • Health data security and privacy regulatory issues falling outside of HIPAA;
  • The status of HHS enforcement of the 21st Century Cures Act health IT provisions, including regulations that prohibit the blocking of patient information sharing;
  • Top privacy and security priorities and projects at ONC for the remainder of this year.

Before being named HHS’ national coordinator for health IT in 2017, Rucker was a professor at Ohio State University and chief medical officer of Premise Health, a worksite clinic provider. Rucker started his informatics career at Datamedic Corp. and later served as chief medical officer at Siemens Healthcare USA. He has also practiced emergency medicine at Kaiser in California, Beth Israel Deaconess Medical Center in Boston, the University of Pennsylvania's Penn Presbyterian and Pennsylvania Hospitals and at Ohio State University’s Wexner Medical Center.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.