< Return To Hearing
January 27, 2009
Written Testimony of
Chairman Leahy, Ranking Member Specter, and distinguished members of the Committee, my name is Michael Stokes, and I am a Principal Program Manager in Microsoft's Health Solutions Group. In this role, I focus on privacy issues, and I very much appreciate the opportunity to share Microsoft's views on the importance of privacy and health IT. We commend the Committee for holding this hearing today and for your efforts at the intersection of privacy, information technology, and healthcare reform. We are committed to working collaboratively with you, the Department of Health and Human Services, the Federal Trade Commission, consumer advocates, and other stakeholders to protect the privacy of health data.
Microsoft is here today because we are deeply engaged on both health IT and privacy issues. Over 12 years ago, Microsoft began developing technologies focused on the health industry, with the goal of using software and the Internet to transform healthcare, as they have so many other industries-- opening new ways of working, new ways of communicating, and new economics. Our products, including HealthVault for consumers and Amalga for hospitals and health systems, are focused on driving scalable health IT solutions that can benefit all.
Microsoft also has a deep and long-standing commitment to privacy. We recognize that consumers will only be comfortable sharing their information if they trust that they will have control over its use and know that it will be protected. Establishing trust is especially important with respect to health data. This is because of the important role that health data plays in our overall healthcare system. Delivering quality, reliable healthcare requires that data be shared. New therapies, new cures, and new lessons about disease will be driven by the availability of health data. By working together to encourage data liquidity through strong privacy protections, we can realize the value of data sharing and thereby drive
Today, I want to discuss how we can promote the widespread use of innovative health IT solutions and the sharing of health data while still protecting privacy. My testimony today begins by describing what we believe to be the future of healthcare--a totally connected environment where patients and providers trust each other and use health IT to share information seamlessly. It then discusses how the three components of trust--transparency, control, and security--can provide flexible technology solutions that improve our current healthcare system. It concludes by showing how the same principles of transparency, control, and security underlie Microsoft's approach to privacy in health IT.
I. The Future: Dynamic, Trusted, Consumer-Driven Healthcare
A. Health IT Can Build a Patient-Centric SystemThe future of medicine and improvements in our healthcare system depend on the seamless exchange and reuse of health data. Today, in order to manage their health, consumers must deal with both paper documents and electronic files. Few people have the resources to keep track of medication lists, vaccination histories, appointment calendars, lab results, diet plans, exercise schedules, and all the other components of health data. Most people have little knowledge of how to prevent disease and little, if any, support for managing their healthcare.
What if consumers could collect all their health and wellness data electronically, could keep it securely
A patient-centric system would benefit healthcare professionals and hospitals as well. Today, patients
At Microsoft, we believe technology can make this vision a reality without sacrificing privacy protections. We envision a healthcare ecosystem that places patients at the center of a protected and connected network, with:
1.Patients as consumers--experiencing more control, more convenience, better service, and ultimately better value for what they spend on healthcare.
In this new healthcare system, everyone will have the right information at the right time with computer assisted decision support, enabling the seamless exchange and reuse of data. Health data is the asset that will drive an efficient, high-quality, value-based, evidence-focused future for medicine, achieving one of the priorities of Congress and the new Administration.
B. Trust Is Essential to a Patient-Centric Healthcare System
Health data is often considered more sensitive than other personally identifiable information. If health data is stolen or lost, it is not simply a matter of recovering financial assets. It can impact an individual's
1.?According to the Department of Health and Human Services, two million Americans with mental illness do not seek treatment for this reason.
Because health data can be highly sensitive, consumers and healthcare providers will only share such data if they trust that the privacy of health data will be protected. When such trust is established, data will flow freely, benefiting all participants. Consumers will receive better information about appropriate treatments, medications, nutrition, and exercise. Healthcare providers will receive more reliable health data and greater patient compliance, which in turn leads to better quality care and improved cost efficiencies both for treatment of individual patients and for public health purposes. In short, effective privacy protections are critical to the success of health IT and healthcare in general.
II. Trust Requires Transparency, Control, and Security
A. Transparency Can Help Stakeholders Understand How Their Data Is Used
Transparency is especially important with respect to healthcare data. If patients do not understand what data is being collected, who has access to the data, and what the data will be used for, they may decide not to provide the information at all--not even to their treating physicians. Without this data, doctors will not be able to make fully informed treatment recommendations, and overall consumer health could suffer.
Providers need transparency too. They need to understand how the health data they make available to patients and others may be used; they need to know whether such data may be disclosed to third parties; and they need to feel comfortable that health data will be protected.
Transparency is also essential to ensure accountability. Regulators, advocates, journalists, and others have an important role in helping to ensure that appropriate privacy practices are being followed. But they can only examine, evaluate, and compare practices across the industry if companies are transparent about the data they collect and how they use and protect it.
B. Control Can Help Stakeholders Manage Their Data Effectively
Control is particularly important when the consumer or provider needs a proxy to guide his or her choices. Patients often need to share data with custodians, guardians, or family members, but they may want to ensure that the data is only shared under certain conditions (e.g., only when the patient is unable to make decisions for himself) or only for certain periods of time (e.g., only data about the past year rather than the patient's entire lifetime). Similarly, physicians often rely on nurses, staff, specialists, and laboratory technicians to provide care for a patient. Access controls can help ensure that the patient's health data is shared only with the healthcare professionals who need to see it, and that the patient's data is not inadvertently misplaced or deleted.
At the same time, however, control should not impede the flow of clinical data that healthcare professionals need to provide effective care. For example, some members of the healthcare community have pointed out that a system requiring repeated patient consents for the disclosure of clinical data could potentially hamper treatment in situations where care must be coordinated among multiple physicians. We all need to work together to create a environment that facilitates rather than hinders
C. Security Can Give Stakeholders the Confidence to Adopt Health IT Innovations
Security helps ensure that patients and providers do not spend time and resources dealing with data breaches, identity theft, and security flaws. Once stakeholders feel confident that their data is secure, they will be more willing to adopt the innovative health IT solutions that can improve care and reduce costs. Moreover, health IT can also improve security. For example, technology that verifies patients' identities, monitors access to health records, and identifies anomalies in services requested could help prevent and detect medical identity theft.7
D. Transparency, Control, and Security Provide Flexible
Moreover, today's healthcare ecosystem consists of a complex mixture of legacy and new, innovative solutions.Retrofitting existing systems may require significant design changes, and it may not be viable for everyone to upgrade their technology systems. One potential path forward is to provide a combination of simpler, less flexible, baseline solutions and newer, more complex, extensible technologies that encourage migration toward a more privacy-protective future. Following the principles of transparency, control, and security enables participants to provide privacy protections that are flexible and vibrant enough to support all of these technical solutions and business models.
III. Microsoft's Efforts to Build Trust Through Transparency, Control, and Security Microsoft or anyone that provides tools and technologies involving healthcare data must adopt strong privacy practices that support trust. If people feel that the privacy of their healthcare data is not being protected, they will make less use of healthcare information technologies, which can hurt them and the healthcare industry alike.
Microsoft has been deeply engaged on privacy issues. Microsoft was one of the first companies to appoint a chief privacy officer, an action we took nearly a decade ago, and there are now several hundred employees throughout the company who focus on privacy as part of their jobs. We have a strong set of internal policies and standards that guide how we do business and how we design our products and services in a way that respects and helps protect user privacy. And we have made significant investments in privacy training and in building our privacy standards into our product development and other business processes.
A. Transparency by Providing Clear Disclosures
Moreover, the HealthVault network currently has 40 live applications--programs that can connect with HealthVault, such as personal health records and alert services. Some of these applications are provided by Microsoft's partners. Before any application is authorized to access a consumer's data, we make sure that the consumer knows which application is requesting the data, what data is being requested, what the data will be used for, and which data elements are required or optional. HealthVault also stores audit trails, so that consumers can see who has accessed their health records and what actions have been taken.
B. Control by Offering Granular Access
We have also implemented control features in our other health IT products. For example, just under a year ago, we launched Amalga, our family of enterprise data sharing and intelligence solutions, which connect a hospital's or health system's existing legacy systems and any new systems. This allows patient data to be viewed and queried holistically, enabling a shift from departmentally focused systems to more patient-centric systems. Amalga includes controls that allow hospitals and health systems to determine which data is shared when and with whom.
C. Security by Following Comprehensive Best Practices