These topics have been addressed in several national reports in the last five years (Box 5.1), a sign of both their significance and the difficulties of resolving them. Many of these issues have implications outside the health sector; nevertheless, their importance in health applications argues for strong leadership by the health community in their resolution. The chapter describes the issues, the uncertainties they introduce to the Internet's deployment in health applications, and ongoing efforts to address them. Consistent with the charge to the committee and the expertise of the committee's members, the chapter does not attempt to offer recommendations for resolving these issues. In many cases, additional study will be required to delineate more fully the trade-offs among possible solutions and gather sufficient information to render reliable guidance. These issues will need to be resolved if the benefits of the Internet are to accrue to the health community.
Technology is, to a large extent, both the cause of and the solution to concerns about the protection of personal health information. The capability to connect health information systems to the Internet exposes personal health information to hostile attacks that can alter, delete, or divulge it (see Chapter 3). At the same time, technologies such as passwords, encryption, and firewalls offer reasonably effective means of protecting information systems and the data contained within them. Nevertheless, the effective assurance of data and service protection ultimately depends on the implementation of policies and practices within the organization (see CSTB, 1997). To whom should organizations be allowed to disclose personal health information with and without patient consent? Under what conditions may such disclosures be made? What steps must organizations take to protect personal health information from loss, unauthorized editing, or mischief? What types of security technologies and administrative policies will be considered sufficient protection?
Concerns over patient privacy are not new in the health sector. Patients and consumer advocate groups have long expressed concern about the collection, use, and sharing of personal health information data and the practices used to maintain its confidentiality. These groups view the Internet as further eroding patient privacy by making health information more easily available to a larger number of users (e.g., insurers, direct marketers, and pharmaceutical benefits managers) and more susceptible to security breaches. Health care organizations have been sensitive to the vulnerabilities inherent in the Internet and have long used private networks for data exchange, both because products and services are available to support such networks and because the organizations are confident ofcontinue