John Young <jya@pipeline.com> writes:
11-15-95. NYPaper Page One:
"When Patients' Records Are Commodities for Sale."
Individual medical records, carrying more sensitive personal information than ever before, are increasingly being gathered and stored by the tens of thousands in commercial databanks maintained by institutions like hospital networks, health maintenance organizations and drug companies. And although there is a Federal law that protects the privacy of video rental lists, private medical information is being bought and sold freely.
A (possibly stupid) thought: could commercial key escrow help here? I very much want hospitals to have fast access to my medical data if my broken and bleeding body should come through their door, even if I am unconscious and my personal physician cannot be reached. On the other hand, I don't want anyone to be snooping through them right now.

One solution is for me to carry my records around with me on a smartcard or some such device. But there are problems with that approach; for example, do I want that personal information to be in my wallet if it's stolen? Do I want to add another item to the list of physical items I have to keep secure?

So, what if my records were available on the net, but encrypted with a key known to my physician and an escrow agency? (Equivalently, they could be on that smartcard, but encrypted.) If an emergency occurs, the hospital fetches my encrypted records from my physician's server, then sends a message (signed with the hospital's key) to Keys R Us, the escrow agent, saying "This is Dr. McCoy at Frobnitz Memorial Hospital, we need the key for FooBar Medix, Inc., patient number 147258369." (My FooBar Medix, Inc., insurance card lists my physician's server, the escrow agency, and my patient number.) Keys R Us verifies the message and sends the key. Perhaps there's also an alias to notify of the release, one that reports to but is not traceable to my physician or me.

Keys R Us only has a number and a key; they don't know who my physician is and therefore don't know where to find the actual records. Anyone who gets my insurance card can find the records, but has to convince Keys R Us to release the key; and if I've done my homework in picking the agency, they won't.

Does this give an advantage over just having a copy of my records kept by a trusted third party? Maybe so; I think maybe less trust of the escrow agency is necessary. No snooper can slip someone at the escrow agency a couple of cyberbucks to get a copy of my records, unless they've managed to match "FooBar Medix, Inc. patient number 147258369" with "Tom Swiss" and the location of my physician's server. (What if FooBar Medix, Inc., lets this information out? I dunno. I guess I visit their office with a shotgun. Better idea: FMI doesn't know what escrow agency I use. I fill in Keys R Us on the card myself.) No minimum wage slave can just casually browse my records for fun.

Thoughts?

[Since TIS is in the CKE field, I should note that this is my own boneheaded idea, not affiliated with the company in any way.]

-Tom Swiss / tms@tis.com
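The key-release exchange proposed in the message above, sketched from the escrow agent's side as an added example that is not part of the original post. Assumptions: an HMAC under a key the hospital has registered with the agent stands in for the hospital's signature, the nonce replay check is an addition the post does not mention, and the names `EscrowAgent`, `signed_request` and `demo` are hypothetical.

```python
import hashlib
import hmac
import json
import secrets

class EscrowAgent:
    """Keys R Us: holds only (insurer, patient number) -> record key."""
    def __init__(self):
        self.keys = {}            # no names, no physician, no server location
        self.hospitals = {}       # hospital -> signing key (HMAC stand-in)
        self.seen_nonces = set()  # replay guard (assumption, not in the post)
        self.notices = []         # stands in for the notification alias

    def release(self, message: bytes, tag: str):
        req = json.loads(message)
        signing_key = self.hospitals.get(req["hospital"])
        if signing_key is None:
            return None           # unknown requester
        expected = hmac.new(signing_key, message, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return None           # signature does not verify
        if req["nonce"] in self.seen_nonces:
            return None           # replayed request
        self.seen_nonces.add(req["nonce"])
        key = self.keys.get((req["insurer"], req["patient_no"]))
        if key is not None:       # every release is reported to the alias
            self.notices.append((req["hospital"], req["doctor"], req["patient_no"]))
        return key

def signed_request(signing_key, hospital, doctor, insurer, patient_no):
    """Hospital side: build the release request and sign it."""
    message = json.dumps({"hospital": hospital, "doctor": doctor,
                          "insurer": insurer, "patient_no": patient_no,
                          "nonce": secrets.token_hex(8)}).encode()
    return message, hmac.new(signing_key, message, hashlib.sha256).hexdigest()

def demo():
    # Constructed sample data, using the names from the post.
    agent = EscrowAgent()
    record_key = secrets.token_bytes(32)
    agent.keys[("FooBar Medix, Inc.", "147258369")] = record_key
    hospital_key = secrets.token_bytes(32)
    agent.hospitals["Frobnitz Memorial Hospital"] = hospital_key
    args = ("Frobnitz Memorial Hospital", "Dr. McCoy", "FooBar Medix, Inc.", "147258369")
    msg, tag = signed_request(hospital_key, *args)
    released = agent.release(msg, tag)          # genuine request: key released
    replayed = agent.release(msg, tag)          # same message again: refused
    bad_msg, bad_tag = signed_request(secrets.token_bytes(32), *args)
    forged = agent.release(bad_msg, bad_tag)    # wrong signing key: refused
    return released == record_key, replayed, forged, len(agent.notices)
```

The agent's store maps a patient number to a key and nothing else, so a copy of it yields no records without also knowing the physician's server, which is the separation the post relies on.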