18 May 2001 The Honorable Tommy G. Thompson Dear Secretary Thompson: The Institute of Electrical and Electronics Engineers-United States of America (IEEE-USA) wishes to voice its position in favor of your recent move to go forward with the Patient’s Privacy Rights Regulations that were established by HHS under the former administration (45 CFR Parts 160 through 164, Standards for Privacy of Individually Identifiable Health Information, implementing the privacy requirements of the Administrative Simplification subtitle of the Health Insurance Portability and Accountability Act (HIPAA) of 1996). We are aware of the continued debate on this subject by some in the industry stating that the implementation of these regulations will be too costly and would not be technically feasible within the time constraints imposed under the regulation. IEEE-USA and its volunteer representatives on the Medical Technology Policy Committee (MTPC) have long been strong advocates for enacting comprehensive federal legislation to assure health insurance portability for the public sector coupled with patient information privacy controls. IEEE-USA and its MTPC volunteers have worked diligently over several years to determine from nearly 230,000 U. S. IEEE members if they agree that it would be technologically and economically viable for the health and insurance industry to satisfy the privacy requirements being imposed under the recently signed HHS regulation. As a result of the committee’s review of current technology, and of its open discussions on the subject with its membership, we have concluded that implementation of the new regulations is indeed possible on a cost/ benefit basis, and is truly in the public interest. Currently available Public Key Infrastructure (PKI) techniques being used by the government’s own General Services Administration under the Federal Technology Service’s (FTS) work on the digital signature certificate program, as well as its more recent, Access Certificates for Electronics Services (ACES) and Federal Bridge Certification Authority (FBCA) programs, have improved protection and authentication processes of information being sent over today’s Internet-as well as other open telecommunications networks. When these PKI approaches are coupled with informed efforts on the part of developers of patient health information data base systems using the latest firewall and hacker safeguarding methods, an extremely effective means to ensure maintaining the privacy of patient information (from a technical perspective) can be provided. General Services Administration/FTS use of these tools have proven their economic and technological advantage through operational use of the technology on its major contract efforts. Given the open availability of these technologies, and the willingness of the industry to protect information as called for in your regulation, IEEE-USA feels comfortable in supporting your implementation of the new regulation. We believe that the use of computerized patient record systems in electronic health information networks, offered using proper software database security methods and coupled with PKI technology, holds great promise to improve the quality of health care and protect the public’s privacy at a much lower cost level than your opponents to this legislation have stated. I am sure that GSA’s view of the cost for implementation of these relatively new, but tested, technologies would verify our membership’s contention. IEEE-USA is an organizational unit of the IEEE created in 1973 to promote the careers and public-policy interests of the more than 230,000 electrical, electronics, computer and software engineers who are U.S. members of the IEEE. The IEEE is the world’s largest technical professional society with over 360,000 members in 150 countries. For more information, visit us online at http://www.ieeeusa.org. Thank you for the opportunity to provide these comments on this important regulation. If you have any questions or would like further information, please contact Deborah Rudolph, IEEE-USA Manager of Technology Policy Activities at (202) 785-0017 x 8332. Sincerely, Ned R. Sauthoff, Ph.D. | Top of Page | Policy Log | Public Policy Forum | IEEE-USA | Last Update: 18 May 2001 Copyright © 2001, The
Institute of Electrical and Electronics Engineers, Inc. |
