Now, I don't know if Apple's CEO and public face, Steve Jobs, has a personal health record (if he does, I doubt it's HealthVault). But being one of the most famous denizens of Silicon Valley, you have to believe that his physicians use electronic health records. And let's face it -- it's hard to think of another public figure who's current health status has so captivated the business community. Jobs' mysterious health problems and his decision to take a medical leave until the end of June is Page One material on the Wall Street Journal.

Given these two factors, you'd have to believe that someone has the motivation to break the law and illegally access and dissimenate the data. We've seen it before -- remember what happened when Britney Spears and George Clooney paid visits to hospitals in the past couple of years? These are privacy blunders of the first order, and they are motivated by the same factors that might prompt someone to hack into a Jobs electronic record. (And by the way -- please don't misconstrue what I am saying. I don't condone this kind of criminal behavior for a minute. But it's easy enough to understand the motivation.)

All of this begs the question I posed above -- if EHR security is so shoddy, and the motivation to break the law is so great, why hasn't Steve Jobs' medical record been posted to somebody's blog yet?

I think the answer is clear: EHR security isn't as shoddy as some people would like you to think.

When friends ask me why Americans don't have EHRs today, and what is taking the federal government so long to develop the nationwide health information network that President Bush called for in his 2004 State of the Union speech, I tell them there are three answers: money, money and privacy fears.

It's clear that building the infrastructure to exchange health data between providers is going to cost a lot of money (Obama's ready to commit $10 billion over the next five years for healthcare IT). And it's equally clear that providers themselves will be hesitant to invest in the necessary technologies unless they see a return on the investment.

But what I don't understand is the excessive fear-mongering from the sidelines that suggest electronic health records will be any less secure than paper records. That's not to say that privacy concerns are without merit. Nobody wants anybody else poking into their health data - period. But a properly implemented EHR system, with adequate policy and technology safeguards in place, can balance privacy concerns and the far-reaching, lifesaving value of interoperable systems.

Of course, as soon as the Mac Rumors web site posts Jobs' records, I may have to reconsider.