Achieving real cybersecurity for all is in the best interest of the

Millions of Americans felt the economic and medical ramifications of soaring healthcare costs in the 1990s. To try to rein in spending, Congress instituted the National Coordinator for Health Information Technology (NCHIT) program in 1997. The NCHIT vision was to make doctors and medical facilities use information technology (IT) to make patient care and health information (HI) more accessible, secure, transparent, and safe for everyone.

The NCHIT agenda never went far enough. Dr. Thomas Frieden and his team at the Centers for Disease Control (CDC) and the CDC’s National Center for Health Statistics (NCHS) have always been somewhat apathetic to the technology, preferring it be embedded in computers, not fans and dial-up modem connections. With the passage of the First Patient Protection and Affordable Care Act in 2010, NCHIT was revisited and was connected with patient information security risks through HIPAA regulations. The more patients get access to their health information, the more their personal information is vulnerable and their privacy invaded. This is the primary crime for which we have responsibility, especially through HIPAA regulations.

In other words, the NCHIT vision for bringing healthcare information technology (hCI) into the workplace has not gone far enough and needs to be revived.

Perhaps this is why the White House recently launched Healthcare IT 2020. The goals for this initiative are simple: train, certify, incentivize, manage, and enforce (MO) healthcare IT to improve patient safety and ensure fairness.

One clear purpose of the healthcare IT 2020 initiative, which most of the Republican Presidential candidates, including the GOP nominee, have supported is the promotion of the role of the online community in opening and improving online portals like It is a community of health care professionals that accepts the need to find quality, affordable health care online. These community members give members greater trust in the Web-based portal so when they share information, it will be from a trusted source and the information will be accurate and trusted.

How successful will this initiative be? So far healthcare cyber safety and cyber security have been a crime under FBI jurisdiction only (meaning the Federal Bureau of Investigation) in the United States. This position raises questions like, “Are we empowering the FBI and other law enforcement to go after cyber criminals or can we redirect that money toward outreach and educational programs for the public about the use of health IT?”

However, this FCC (Federal Communications Commission) initiative to set health cyber standards could come to fruition. According to a recent Washington Post article, “Under the Federal Communications Commission’s new rules, health providers will have to insure that their systems – whether they’re running on data centers or a standalone system – are aligned with the agency’s ‘superportal.’” This is “the only forum that will hold the full brunt of penalties, including an $11 million fine for every cyber crime committed at the outlet, and this includes ‘some of the simplest crimes like a patient inadvertently forwarding sensitive patient information to a spam inbox.’”

Part of the HHS Secretary’s mission in establishing this FCC initiative is to: “[e]fficiently and securely implement the most efficient and secure technologies available for enabling health information exchange, including medical records, with people that use the Internet to access and communicate with each other.”

Where the health cyber security discourse goes next is critical. As Sen. Kirsten Gillibrand (D-NY) recently called the Senate Health, Education, Labor and Pensions Committee to explain her and the committee’s work in the health and human services “amendment amendment process,” she asked: “Where are we on implementation of policies to make sure that federal information technology investment programs that support health care providers make full use of these investments to advance policy goals and shield consumers from the consequences of the misuses of data?”

The difficulty in achieving such goals is that the ability to achieve them is under the jurisdiction of dozens of regulatory bodies and business interests, giving them an ever-increasing power to kill the initiative if they feel like it. So, what, if anything, can actually be accomplished on implementing the goals for the health and human services “amendment process”?

Access to appropriate health information with security protections and guarantees is in the best interest of the American people. It is an imperative that agencies with the authority, such as the FCC, be afforded the resources to facilitate adoption

Leave a Comment