If “Patriotism is the last refuge of a scoundrel,” then “patient privacy” is the last refuge of an electronic health record company trying to protect its profit margins.
Epic has ramped-up its efforts to delay and/or overhaul pending new rules the Office of the National Coordinator for Health Information Technology (ONC) is expected to release soon. Those rules deal with interoperability, patient access and limits on information blocking.
Look, we get it. Epic undoubtedly fears that its lockup of patient data – which helps keep healthcare organizations tied to its proprietary systems – would diminish under the new rules. It makes absolute sense for the company to try to protect that.
But to wave the flag of “patient privacy” (Epic’s transparent argument is a version of the condescending/paternalistic, “We know better than patients do regarding how to handle their data”) is the very embodiment of disingenuity. And especially glaring when so many others in the healthcare IT community – including Epic competitor Cerner, which isn’t exactly known for its largesse in sharing data – are advocating for the rules’ implementation.
To be fair, Epic is not the first (nor, likely, the last) healthcare IT company to wrap itself in the “patient privacy” flag. It is something of a default position when a firm simply doesn’t want to do something (see also: patient-matching/national patient ID).
Its use here, though, is potentially dangerous on two levels: 1) It may help delay rules that the overall community wants to see in place and 2) it desensitizes those who aren’t intimately involved in healthcare IT to when they really should pay attention to legitimate privacy issues.
We strongly believe that Epic should – and can – be better than this. Do you agree?