Deborah Peel, MD, was trained as a Freudian psychoanalyst and worked as a psychiatrist in Austin, Texas, for nearly three decades before becoming a privacy activist, founding the group Patient Privacy Rights in 2006 after being appalled by HIPAA’s evolution into what she sees as a weak baseline for privacy and security.

Equally skeptical of both private industry and the government, Peel’s views and policy proposals diverge sharply from myriad health IT leaders in a lot of ways. But she shares many of their goals, and the optimism that technology and patient engagement can improve American healthcare systems.

Recently, Patient Privacy Rights urged the Department of Health and Human Services to regulate cloud computing as hosted data services grow and data breaches continue to plague health organizations. In a wide-ranging iinterview, Peel talked about her background as a mental health provider, how healthcare organizations can build patient trust, her ideal model for information sharing consent and more.

[See also: Patient Privacy Rights asks HHS for guidance on cloud security.]

Q: How did your view of privacy and patient rights develop?

A: It really grew out of my long-term practice as a boarded psychiatrist and a Freudian psychoanalyst. Literally the first week I hung out my shingle in the late ‘70s, people came in and they said “If we pay you cash, will you keep our records private?” This is a problem that predates electronic health records. Health information doesn’t stay in the doctor’s office. What happened then was information on paper would get sent to pay claims, and it was very detailed and the claims information would many times be shared with employers. That can happen because under ERISA (the Employee Retirement and Income Security Act), if you’re in an ERISA employer-based health plan, they frankly have the right to see your information. Many companies say they don’t do that but it’s a widespread practice. I learned from my patients that if you use any third parties then the privacy of your sensitive information is at risk.

I really learned that there were significant numbers of people who will not get treatment unless they know it’s private.This is long-standing problem that predated electronic health records, but if you think about the scale of things, it’s very different.

Q: Did you know of mental health patients whose employers learned of their conditions and discriminated against them?

A: Absolutely, not only discriminating against them. Another very common complaint would be, “I applied for life insurance or long-term disability insurance, and I’ve been denied.” They would look into it and it would be because of psychiatric records. I wrote many a letter that said, “This person has never been suicidal. This person has not been on medication. They’ve been in therapy; they’ve managed their problems very well.”

It’s my opinion that insurers have long discriminated against anyone with mental health diagnosis, and I don’t believe it’s actually accurate actuarially. I don’t actuarially believe that there’s a basis for discriminating against anyone who has any mental illness or addiction diagnosis. If you think about it, the ones that do well are actually the ones that come in for treatment. These are people that are going to do well and get better, not create major burdens for the insurance industry.