Friday, August 01, 2008

Electronic Health Records (EHR)

Health Data: Not For Sale

Right now, as Congress considers health IT legislation that would convert our health records from paper to electronic data, patient information is at risk of becoming a commodity that businesses can sell or trade.

While having a nationally connected electronic network for storing and sharing Americans medical information promises to reduce medical error and improve patient care both in emergencies and chronic situations, medical privacy should not become a casualty of the race to set up databases of electronic health records.

We need real patient control of data and damages for misuse or theft. Patients must be able to review files, correct bad data, and block access without consent to personal information. The legislation before the subcommittee does not have these protections.

If Congress fails to require strong privacy and security standards now, during the early stages of development of these online patient records systems, Americans’ medical secrets will be extremely vulnerable to snooping - or being lost or stolen.

Tell Congress: Patients deserve control of their personal health records!

The brief article above is directly from the ACLU’s website. While individuals’ opinions of the organization itself differ widely, it is quite aptly named. It does indeed work toward the preservation and adherence to laws as written, and if there is an inequity in the law, they work toward the fair application of that law to all persons subject to it.

I couldn’t begin to do justice to this topic in a short blog post, but I can tell you that it should scare the bejesus out of you. Think for a moment in terms of the transponders or chips that have been used first to set off alarms if one tried to leave a store without paying for the merchandise, next came barcodes and chips that held information about that product that enabled tracking, dates and places of sale, could correlate that with the credit card that purchased it and know that it was you who bought it. Does your pet have an implanted chip to identify it in case it is stolen or lost? Well, don’t worry, you may have one soon also, only it will have a programmable memory and you will carry your Personal Health Record, implanted under your skin, with you at all times. That could be useful if you ended up in the ER after a car crash and the staff needed information rapidly. Then your treatment, medications, procedures, diagnoses, and any other information would be added to your own little database. This request for information, especially the proposed subject population and agency requesting to carrying it out, should be of concern to all who read between the lines. Physicians’ groups are having qualms about the security of electronic records. This single article is only representative of general concerns.

The issues about the security of the EHR have not come about since last Thursday. It has been a topic of concern for a number of years within the health provider community. It has become a topic of more urgent concern recently since two information giants, Google and Microsoft, have entered the arena, proposing to become the nation’s health information repositories. Have a look at a few other searches here, and here, and especially here.

I will be the first to admit being very suspicious of the EHR. Possibly I border on being paranoid about it, but I don’t think so. Whenever I become confused or uncertain about what is happening in an undertaking of this size and importance, I have to remember to, “Follow the money.” Who stands to profit? Not really the patient or even the doctor who are just as well off with paper records. Who, then? Hospitals, HMO’s, insurance companies (health or disability,) the information transmitters (telecoms which have given the government information illegally and were granted retroactive immunity for their crimes,) the companies of whatever size that are paid to store or backup this health information? Did you notice that little or no profit goes to the individuals involved most directly, and the most to corporations who care little about what happens to a single patient or doc? Who might want this information illegally? Prospective employers not wanting to hire someone with a family history of a particular disease? Life insurance companies that might want a little edge over their actuarial tables? Government or police agencies that might just need a couple hundred thousand DNA codes?

It’s obvious where my feelings lie at this juncture. Given the burgeoning of identity theft over the last few years, is it so unreasonable to believe that the same might well happen with health records? Given the government’s nearly unfettered access to citizen’s private information without their knowledge or consent, can we say that won’t happen in our future? I’m afraid not.

Peace, Doc

Copyright © 2008, Thomas A. Blood, Ph.D.

“He who allows oppression shares the crime.” - Desiderius Erasmus quotes (Dutch Priest, Humanist and Editor of the New Testament, 1469-1536)

Labels: , , , , ,

4 Comments:

Anonymous Anonymous said...

To ease your concerns about EHR privacy, the feds are piloting education projects about HIPAA and other protections for medical records. Privacy and security concerns are perfectly normal when any type of personal information has the chance of getting into “the wrong hands.”

If you are interested, EHR Today at http://www.ehrtoday.org is one of those projects developed in my state (Louisiana) by a group of people working on a fed grant. It includes various EHR resources and has a FAQ section that is good, (we worked on it!). But there are other sites too at HIMSS, etc.

August 04, 2008 11:16 AM  
Blogger Doc said...

Stephanie,

Thank you for your reassurance, and I am sure that health care providers are doing the best that they can to HIPAA requirements. Sadly, BCBS of Georgia just gave us an example of things going badly wrong despite our best intentions.

http://blogs.zdnet.com/projectfailures/?p=945&tag=nl.e550

Peace, Doc

August 04, 2008 10:32 PM  
Anonymous Anonymous said...

Personal Health Records provides benefits such as storing and sharing of patients’ health records ensuring the privacy and confidentiality of patients’ information. This wipes out all the errors, associated with the conventional paper based system. It collects and stores the patients’ health information data from all the sources like hospitals, laboratories, healthcare professionals, pharmacies and insurance companies etc.

December 30, 2008 6:46 AM  
Blogger Doc said...

Ahh. I see why you support EHR so glowingly. You are a company which would make money from the adoption of the same. I don't personally know of any health care worker that wants the EHR/EMR except for the ignorant ones. There is a certain Venn overlap you might find there. You must be a very new startup, as the motto on your website reads "PEOPLE THOSE WHO CARE FOR PEOPLE." Convince me why I should trust any group that posts such a nonsensical header on their corporate website. My personal experience of having information lost by the VHA or hacked elsewhere just screams at me, "Don't trust it!" You may have just inspired an updated post, here and on my more widely read sites/blogs. Thank you for your observations, however. There are always many points of view about the unknown.

Peace, Doc

December 30, 2008 2:03 PM  

Post a Comment

<< Home