Patient Privacy Organization Asks President Bush to Guarantee Privacy in Health IT Legislation

Share Article

Patients cannot control who can access their electronic medical data though, President Bush says they can.

Past News Releases


Patient Privacy Rights, a national consumer privacy watchdog organization, sent President Bush a letter on Friday, urging him to ask Congress to include specific patient privacy protections in health information technology (HIT) legislation.

“The President has clearly stated he wants patients to control access to their personal electronic health records, but he has not told Congress they must fix the proposed legislation to restore patients’ rights to control their medical records,” said Deborah Peel, MD, Chairman of Patient Privacy Rights Foundation.

President Bush has said repeatedly in public speeches [see President’s statements on medical privacy in electronic records – attached] that Americans can control who can access their electronic medical records, but that is not true. The Department of Health and Human Services changed HIPAA regulations in 2002 eliminating the “right of consent”, the right to give permission before personal health records can be seen or used by others.

“Without basic privacy protections built into the legislation up front, Congress will create an electronic superhighway system for datamining the nation’s medical records,” Peel said.

The Senate has passed “Wired for Health Care Quality Act” (S. 1418) promoting health information technology (HIT) and the House is expected to pass “Health Information Technology Promotion Act of 2005” (H.R. 4157) promoting HIT very soon. Both bills rely on the existing privacy protections found in HIPAA, which currently do not allow patients to control who can access their electronic records.

Patient Privacy Rights has been urging Congress to add specific privacy language to upcoming HIT legislation because HIPAA regulations currently do not allow patients to give permission before their medical information can be seen and used, and because current HIPAA enforcement has netted only two violators and resulted in no fines since the new regulations became effective in 2002.

“As we suspected and as HHS has admitted, medical privacy protections and enforcements are virtually nonexistent in this country. The reason the vast majority of complaints are dismissed is because HIPAA is almost impossible to violate. It is toothless,” Peel said.

In the letter to the President, Patient Privacy Rights reminded the President Bush of his own quotes on patient privacy:

  • “Our goal, by the way, is for every American to have a electronic medical record. And -- but, by the way, with a guarantee of privacy.” May 22, 2006
  • “….I don't want people prying into them, I don't want people looking at them, I don't want people opening them up unless I say it's fine for you to do so.” January 27, 2005
  • “….I want there to be good information technology in the health care field, I just don't want somebody looking at my records unless I give them permission to do so.” April 27, 2004

Patient Privacy Rights asked that President Bush urge Congress to include the following provisions in HIT legislation:

  • Expressly recognize the individual’s right to medical privacy
  • Give patients control over who can see & use their electronic medical records
  • Allow patients to opt-in, opt-out
  • Give patients the right to segment sensitive information
  • Provide protections including audit trails, breach notification, and meaningful penalties for privacy violations

To read the letter to the President and the President’s quotes on his beliefs about medical privacy rights visit

About Patient Privacy Rights

Patient Privacy Rights is a national consumer watchdog organization based in Austin, TX. The mission of Patient Privacy Rights is to empower Americans to protect and preserve their human rights to medical privacy. Patient Privacy Rights believes Americans should have the right to decide who can see and use their medical records and is educating Americans about threats to patient privacy. They have launched an online petition for Americans to tell Congress “I Want My Medical Privacy”.

Contact: Tina Williamson, President

Patient Privacy Rights Foundation

(512) 732-0033


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Tina Williamson
Visit website