Dear Sir or Madam,
You must make certain that any electronic medical records protocol defaults to being outside of the record keeping. Putting this another way only direct clear and positive action on the part of the patient will permit records being captured in any electronic database. The option to opt out of the system is false on its face since there are already numerous systems with partial or complete records of patient information. Therefore, only with the default being outside of the system will any patient be able to retain privacy.
Secondly, penalties for breach of any data about an individual must be severe. Loss of license to practice medicine; loss of all profits for the last five years; loss of freedom including carceration for up to ten years ought to be the minimum punishments for intentional breach. Unintentional breach should include not only full compensation of all medical care for up to five years but also public service for all persons involved of not less than 100 hours a year for up to five years.
Without full and complete protection of individual information this system must not be implemented.