Human Services Committee


Bill No.:




Vote Date:


Vote Action:

Joint Favorable

PH Date:


File No.:


Human Services Committee


This bill is meant to protect patient privacy by requiring a patient to opt-in to the exchange of electronic health records.


Michael Starkowski, Commissioner, Department of Social Services: Commissioner Starkowski testified: “This bill would prohibit any medical provider from releasing a patient's electronic medical records to any entity unless there is written consent from the patient.”

“The Health Insurance Portability and Accountability Act does not require consent from patients when information is shared between providers for purposes of treatment, payment or health care operations.  This amendment imposes restrictions that are stricter than HIPAA and impractical for providers who are or will be participating in health information exchanges.  The concern is that, if people are required to 'opt in' instead of 'opt out,' the health information exchanges won't be successful.” 

“This proposed amendment contradicts the policy adopted by the predecessor to the Health Information Technology Exchange of Connecticut (HITE-CT), which is the quasi-state agency established during the last legislative session. Committee members have expressed concerns that this proposal would have a negative impact on the continuity of care. Members also felt that 'this language arguably would create the odd result of having different rules for release of paper versus electronic records Nor does it resolve the question of what it means to 'release' information.  Furthermore, this could be interpreted to prohibit information from going into an exchange in the first place, even if it is not released subsequently to a third party without an authorization, and even if the health care provider has a business associate agreement in place with the exchange.'

'This proposed legislation did not come through the Board of the HITE or the Legal and Policy Subcommittee of the HITE and is inconsistent with the consent model that has been adopted to date and incorporated into the Strategic and Operational Plans submitted to the ONC.'


Alicia Woodsby, Public Policy Director, National Alliance on Mental Illness, Connecticut (NAMI-CT): NAMI-CT testified in support of the bill: “HB 1147 will protect patient privacy by requiring a patient to opt-in to the exchange of electronic health records. This bill will help to protect patients' sensitive health information, which will increase the likelihood of success for our state's health information exchange.”

“This bill will ensure continued safeguards for patient confidentiality to prevent inappropriate access to psychiatric information and drug and alcohol information. Informed consent by consumers/patients must be obtained for any use or disclosure of individually identifiable health information which pertains to them, and there must be strong and effective remedies for violations of these protections. Lack of initial informed consent should not exempt providers and managed care organizations from providing emergency care, urgent care or medically necessary care to persons living with mental illnesses.”

“Furthermore, NAMI-CT strongly recommends the involvement of consumers and family members as partners in the development of policy and decisions regarding the use of data for electronic health information systems or any other use of health care information.”

Ellen Andrews, Executive Director, Connecticut Health Policy Project: Ms. Andrews testified: “We at the CT Health Policy Project have long been strong supporters of health information technology and exchange. Interoperable electronic health information exchange will be a critical driver of health care system reform in our state, improve patient safety and is one of the few ways to save money in the system that improves efficiency and does not involve shifting costs between stakeholders, most often onto consumers. E-health initiatives are unique in health system reform proposals, gaining support from virtually all sectors and stakeholder groups in a contentious health care environment. Improving the appropriate flow of information will reduce costs, improve quality and make our health systems more efficient. Providers need comprehensive, valid, up-to-date medical information whenever they treat a patient to ensure the best health outcome.”

“Since its inception, I have been a consumer representative on the eHealthCT Board of Directors, a nonprofit organization dedicated to supporting health information exchange. A year ago we convened a diverse group of stakeholders to develop a privacy and security policy for eHealthCT's Medicaid health information exchange pilot. We engaged a large and diverse group of stakeholders including legal aid, legal privacy experts, HIT experts, communications experts, labor, state agencies, payers, providers, advocates for people with HIV/AIDS, mental health and substance abuse problems, and for whom English is a second language. We held well-noticed public forums in this building, solicited comments and questions online, and worked to inform stakeholder groups, particularly consumers and trusted consumer groups, about the considerable benefits of health information exchange, as well as the risks. Over several months and a great deal of research on other states and federal regulations, we developed a strong, consensus, feasible opt-in privacy policy as described in HB-1147. That policy is being used now successfully in eHealthCT's health information exchange pilot with several Connecticut hospitals and clinics.”

Lance Johnson, Volunteer, AARP: Mr. Johnson testified: “I also speak as an individual consumer excited about the many potential benefits that a Connecticut, regional, and national health information exchange (HIE) could offer to me, including: better, faster coordination of my health care; higher quality and more efficient care; increased system transparency; and access to information that would allow me to make better health care decisions. At the same time, such a system raises serious concerns among consumers about personal privacy, data security, and the potential misuse of their information. So while such a system holds great promise, the many possible benefits will not be realized unless appropriate policy measures to protect consumers are established up front.”

“So AARP is pleased that the Human Services Committee is considering one important aspect of protecting consumers, SB 1147, AAC Patient Consent for the Exchange of Electronic Health Information. However, AARP believes that the issue of patient consent is only one of several important principles that must guide the development of public policy that protects & empowers consumers as health information technology is implemented in Connecticut and nationally.”

“AARP has been a leading player in the 'Consumer Partnership for e Health and Health Information Technology' supported by the Markel Foundation. I'd like to share the Consumer Principles that this partnership has adopted. AARP believes these consumer principles should be reflected in state and national legislation/regulation that will protect the privacy of consumer's personal health information and will empower them to make better personal health care decisions in this new and promising age of health information technology and health information exchange.”


Connecticut Hospital Association: The Connecticut Hospital Association submitted testimony opposing this bill: “This bill runs contrary to a very complex set of federal rules and laws that govern medical records, health information exchanges, and federal healthcare reform.”

“The type of blanket restriction contemplated in SB 1147 would make it practically impossible to perform quality and utilization studies or reviews, to track infections, or to control healthcare costs. Hospitals frequently need to share data with trusted partners, such as the Joint Commission, the Center for Medicare and Medicaid Services, the Agency for Healthcare Research and Quality, the Department of Public Health, the Centers for Disease Control, and others. Healthcare quality improvement will come to a complete standstill if the ability to share these data is impaired, and data will be meaningless if less than 100% of records and cases are made available for review.”

“Similar consent requirements were considered – and ultimately rejected – during discussions of the HIPAA Privacy rulemaking by the federal government. As determined during the HIPAA debate, if a healthcare provider needed to obtain advance, written permission to share a patient's health information with other healthcare providers, health insurers, healthcare quality entities, or the provider's own business partners, patients would be inconvenienced at best, and put in danger at worst.”

“With respect to day-to-day patient care, the need for a patient signature every time information is disclosed would impede care, and create absurd situations, including the following: a physician could not electronically transmit or call in a prescription to a pharmacy when the patient is sick at home and unable to sign off on the disclosure; an ambulance service could not be told the condition of a person who needs assistance because the hospital with the information does not have written permission from the unconscious patient; and insurers could not be contacted for pre-authorization.”

“While a balance between privacy rights and healthcare quality is essential, that balance is best achieved through adherence to federal standards. Efforts that alter, modify, or interfere with those standards will put Connecticut at odds with good medicine and healthcare reform.”

John Lynch: Mr. Lynch testified: “Please STOP putting barriers in place to efficient, high quality healthcare. The proposed law would put in place different workflow/systems for electronic HIE than exist in the current paper world. There are FEW if ANY existing Electronic Health Records (EHR) that are capable of obtaining patient written signature and transmitting consents electronically, nor processing thru the EHR and detecting if sensitive data exists. The law would delay HIE for years until vendors respond and put such capabilities into EHR systems. The workflow will require more paper and FAX. Care Givers will not be available 24/7 to respond to such FAX requests, and the value of HIE lost. If I end up in the Emergency room, I WANT my caregivers to have complete information about me. I may be in no condition to “opt-in”. Please do NOT put barriers in place!”

“Connecticut provided me NO information about the safety and effectiveness of my surgery. Connecticut needs to go beyond simple HIE, and support a public respository for patient safety, effectiveness, quality, and efficiency information. Such database (which can be well protected and de-identified), will need the maximum data for use to measure our health care system. Patients should not be allowed to opt-out of such important systems. I WANT others to know how successful my surgery was and that it is a viable option for them.”

Reported by: Samantha M. Odyniec

Date: March 23, 2011