
Re: MED_vac

John Young <[email protected]> writes:
>   11-15-95. NYPaper Page One:
>   "When Patients' Records Are Commodities for Sale."
>      Individual medical records, carrying more sensitive
>      personal information than ever before, are increasingly
>      being gathered and stored by the tens of thousands in
>      commercial databanks maintained by institutions like
>      hospital networks, health maintenance organizations and
>      drug companies. And although there is a Federal law that
>      protects the privacy of video rental lists, private
>      medical information is being bought and sold freely.

     A (possibly stupid) thought: could commercial key escrow help here?

     I very much want hospitals to have fast access to my medical data if
my broken and bleeding body should come through their door, even if I am
unconscious and my personal physician cannot be reached. On the other hand,
I don't want anyone to be snooping through them right now.

     One solution is for me to carry my records around with me on a
smartcard or some such device. But there are problems with that approach;
for example, do I want that personal information to be in my wallet if it's
stolen? Do I want to add another item to the list of physical items I have
to keep secure?

     So, what if my records were available on the net, but encrypted with a
key known to my physician and an escrow agency? (Equivalently, they
could be on that smartcard, but encrypted.) If an emergency occurs, the
hospital fetches my encrypted records from my physician's server, then
sends a message (signed with the hospital's key) to Keys R Us, the escrow
agent, saying "This is Dr. McCoy at Frobnitz Memorial Hospital, we need the
key for FooBar Medix, Inc., patient number 147258369." (My FooBar Medix,
Inc., insurance card lists my physician's server, the escrow agency, and my
patient number.)  Keys R Us verifies the message and sends the key.
Perhaps there's also an alias to notify of the release, one that reports to
but is not traceable to my physician or me.

    Keys R Us only has a number and a key; they don't know who my physician
is and therefore don't know where to find the actual records.  Anyone who
gets my insurance card can find the records, but has to convince Keys R Us
to release the key; and if I've done my homework in picking the agency,
they won't.

     Does this give an advantage over just having a copy of my records kept
by a trusted third party? Maybe so; I think maybe less trust of the escrow
agency is necessary. No snooper can slip someone at the escrow agency a
couple of cyberbucks to get a copy of my records, unless they've managed to
match "FooBar Medix, Inc. patient number 147258369" with "Tom Swiss" and
the location of my physician's server. (What if FooBar Medix, Inc., lets
this information out? I dunno. I guess I visit their office with a
shotgun. Better idea: FMI doesn't know what escrow agency I use. I fill in
Keys R Us on the card myself.) No minimum wage slave can just casually
browse my records for fun.


     [Since TIS is in the CKE field, I should note that this is my own
boneheaded idea, not affiliated with the company in any way.]

-Tom Swiss / [email protected]
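The exchange Tom sketches above, written out as a small simulation. This is an added example and not part of the original post or of any real escrow product: the `Hospital`, `EscrowAgent` and `run_scenario` names are mine, the hospital's "signature" is modelled with an HMAC over a pre-shared secret registered at the escrow agent (a real deployment would use a public-key signature), the record encryption is a stdlib-only stand-in for a proper AEAD, and the release log plays the role of the notification alias. The patient number and institution names come from the post; the record contents are constructed.

```python
import hashlib
import hmac
import json
import secrets
from typing import Optional, Tuple

# Toy record encryption: HMAC-SHA256 counter-mode keystream plus an HMAC tag.
# Stand-in for a real AEAD (e.g. AES-GCM) so the example runs on the standard
# library alone; an assumption of this example, not something the post specifies.
def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt_record(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt_record(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong key or tampered record")
    return bytes(a ^ b for a, b in zip(ct, _keystream(_subkey(key, b"enc"), nonce, len(ct))))

def _authenticate(secret: bytes, request: dict) -> bytes:
    """Requests are 'signed' with an HMAC over their canonical JSON form."""
    return hmac.new(secret, json.dumps(request, sort_keys=True).encode(), hashlib.sha256).digest()

class Hospital:
    """Frobnitz Memorial: holds a secret registered with the escrow agent."""
    def __init__(self, name: str, secret: bytes) -> None:
        self.name, self.secret = name, secret

    def signed_request(self, patient_number: str) -> Tuple[dict, bytes]:
        request = {"hospital": self.name, "patient": patient_number, "reason": "emergency"}
        return request, _authenticate(self.secret, request)

class EscrowAgent:
    """Keys R Us: knows only patient_number -> key and which hospitals may ask.
    It never learns who the patient is or where the records are stored."""
    def __init__(self) -> None:
        self._keys = {}
        self._hospital_secrets = {}
        self.release_log = []  # plays the role of the post's notification alias

    def deposit(self, patient_number: str, key: bytes) -> None:
        self._keys[patient_number] = key

    def register_hospital(self, name: str, secret: bytes) -> None:
        self._hospital_secrets[name] = secret

    def release(self, request: dict, tag: bytes) -> Optional[bytes]:
        secret = self._hospital_secrets.get(request.get("hospital"))
        if secret is None or not hmac.compare_digest(_authenticate(secret, request), tag):
            return None  # unknown requester or bad authenticator: release nothing
        key = self._keys.get(request.get("patient"))
        if key is not None:
            self.release_log.append((request["hospital"], request["patient"]))
        return key

def run_scenario() -> dict:
    record = b"patient 147258369: blood type O-, allergic to penicillin"  # constructed
    patient_key = secrets.token_bytes(32)
    physician_server = {"147258369": encrypt_record(patient_key, record)}  # ciphertext only

    escrow = EscrowAgent()
    escrow.deposit("147258369", patient_key)
    hospital_secret = secrets.token_bytes(32)
    escrow.register_hospital("Frobnitz Memorial Hospital", hospital_secret)

    # Emergency path: hospital fetches the ciphertext, asks Keys R Us, decrypts.
    hospital = Hospital("Frobnitz Memorial Hospital", hospital_secret)
    request, tag = hospital.signed_request("147258369")
    recovered = decrypt_record(escrow.release(request, tag), physician_server["147258369"])

    # Card-holder path: knows the patient number and can fetch the ciphertext,
    # but has no registered hospital secret, so the escrow agent refuses.
    impostor = Hospital("Frobnitz Memorial Hospital", secrets.token_bytes(32))
    refused = escrow.release(*impostor.signed_request("147258369"))
    try:
        decrypt_record(secrets.token_bytes(32), physician_server["147258369"])
        wrong_key_rejected = False
    except ValueError:
        wrong_key_rejected = True

    return {"recovered": recovered, "refused": refused,
            "release_log": list(escrow.release_log), "wrong_key_rejected": wrong_key_rejected}
```

Run `run_scenario()` to see the two properties the post relies on: the physician's server and the insurance card together yield only ciphertext, and the escrow agent releases a key only to a requester it can authenticate, recording every release so the patient or physician can be notified.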