The Joint Committee on Economic Development and Emerging Technologies held a hearing on Tuesday, June 9th which included S. 200, “An Act to Clarify and Enhance Privacy Protections for Electronic Health Records.” Check out our earlier post on this bill here. This bill has three main purposes: create routine privacy and security audits of electronic health record systems, establish enforcement mechanisms in case of violations of privacy, and compel security agents to report privacy violations.
Senator Marc Pacheco spoke first on the bill, highlighting the irony that when the bill originally was filed, the legislative electronic submissions system malfunctioned and only turned in the first part of the legislation. The Senator called Massachusetts’ embracement of e-health an exciting opportunity for the state to once again take the lead in a new medical area and save some money at the same time. However, he cautioned that this was also a time of concern for the subject of privacy, and while innovation is good, there must be a firewall to protect people’s privacy. In specific, he highlighted the bill’s provisions to ensure privacy audits and establish whistleblower protections.
Next, Gavi Wolf of the ACLU of Massachusetts spoke in favor of the bill. Wolf praised how the state has been forward thinking with its support of money saving, technologic innovation, and urged the legislature to equally think forward in terms of privacy. Wolf brought up the fact that it is no good to notify someone of a privacy invasion if no recourse can be taken and that this bill adds some teeth to privacy enforcement.
HCFA is submitting testimony to the Committee and has been working closely with bill authors Senator Pacheco and Representative Rushing, along with Mass ACLU and the AIDS Action Committee in support of this bill.