communities, for example, where a general consensus on information policy exists. As a consequence, security technology and practices from these other communities should be adopted only with great care.
Systemic concerns are exacerbated by technology, because computer networking permits rapid, large-scale, and unobserved access to data for uses never intended when the patient gave primary permission for the data to be recorded. To date, technological deterrents and obstacles play almost no role in controlling secondary use of patient information (i.e., use by nonprovider parties). Once the information leaves the hands of the health care provider, it is stored off-site with the secondary user, and access controls are at the discretion of that user site.
Systemic concerns will be reduced only by public policy decisions that influence the behavior of stakeholders regarding data privacy and security. These public policy decisions are necessary to rationalize the relationships among the various stakeholders (e.g., to spell out the acceptable uses of health care information by nonproviders and providers alike) and to reduce the incentives for wholesale release of patient information. Put differently, public policy must add up to a comprehensive whole that covers the entire network of use, including both primary and secondary uses of data. Because there is no consensus across society about what is acceptable, public policy in this area is difficult to make, but until such policy is in place, there is a progressive danger that care will be affected by patients' reluctance to confide in providers.
Systemic concerns are linked to development of a universal patient identifier, which, depending on its format, could facilitate the linking of patient-identifiable health information with other types of personal information. Although addressing this problem is largely a matter of public policy, judicious design of the method used to link patient records may help mitigate some privacy concerns and help enforce any policy framework established for protecting privacy.