At least 78% of medical practices use a standardized and shareable system for recording medical data in accordance with the CDC's Electronic Health Record guidelines. These records contain comprehensive information about a patient's prescriptions, injuries, procedures, and health status over time.
As it stands, this data is not centralized— that is to say, no one entity has ready access to all of this data. Patients can sign release forms authorizing a provider to share their records with any "covered entity."
Centralizing electronic health records would allow for enormous new opportunities to expand the existing arsenal of health surveillance programs run by the government. Essentially, all possible longitudinal health studies could be conducted simultaneously. Thanks to modern data science, we would be able to detect any statistically significant relationships between health outcomes and other recorded patient characteristics. Harmful effects and interactions from pharmaceuticals would become clear; likewise, the efficacy and safety of certain treatments could be validated or even discovered by accident. Furthermore, we'd be able to build superior models for predicting risk in individual patients and larger populations, potentially notifying providers that they should perform targeted screenings.
It's the country's worst off that stand to benefit the most from this. Medical information and attention is the least accessible to those in poverty; medical disasters invisible to the individual's eye are the most likely to slip by if it predominantly affects the poor. Even if detected, garnering attention to these concerns is hardest for those with the least capital. These concerns are greatly mitigated if in-depth health studies are performed by a centralized, automated system. Consider Flint: as long as some community members were visiting the doctor, a centralized monitoring system could have discovered their crisis as soon as symptoms started to arise— that is, nearly instantly.
Critics raise concerns about security the potential for abuse. Indeed, these concerns are salient. In particular, it's not hard to be fearful of a Stasi-esque scenario where the efficient data-aggregation practices of the government allow it to leverage its arms monopoly to disastrous effects. It does not take much imagination to see how it might be disastrous for a federal agent to be able to pull up drug test records for anyone he wants. Careers can be ruined through leaked medical documents.
There are some defenses against these points. For one, the CDC is not the NSA— they have no reason or excuse to have secret procedures. Thus, the potential for oversight is much greater. Furthermore, the data can be anonymized once it leaves providers and reaches the CDC. Even if the files contain identifiable information, basic anonymization procedures— hashing patient names, for instance— would greatly increase the resource cost of snooping. After all, the federal government can already snoop on anyone as much as they want— it's just a question of efficiency.
My aim is not to dismiss these concerns. Rather, my intention is to introduce a serious cost-benefit analysis. How many unknown Flint, Michigan scenarios are flying under the radar because the data isn't in the hands of entities capable of performing sufficiently powerful surveillance?