As part of the stimulus package, $20 billion will be pumped into the health care system to accelerate the use of electronic health records. The goal is both to improve the quality and lower the costs of care by replacing cumbersome paper records with electronic records that can be easily stored and swiftly transmitted.
The idea is sound, but it also raises important questions about how to ensure the privacy of patients. Fortunately, the legislation would impose sensible privacy protections despite attempts by business lobbyists to weaken the safeguards.
[…]
Health insurance plans and some disease management groups are complaining that the new requirements would impose administrative burdens that could actually impede the use of electronic records and interfere with coordination of care. They want to ease the marketing restrictions, notify patients only if security breaches are harmful, and keep the attorneys general out of the enforcement role.
It should be possible through implementing regulations to fine-tune the privacy requirements so that they do not disrupt patient care. Congress must make every effort to ensure that patients’ privacy is protected.
Source – New York Times
No question privacy is a large concern here, but it’s much more than that. There is a lack of standards for the capture and control of this information, and of greater concern is the lack of planning for long-term management of these information assets to ensure persistent access is possible. Records managed in electronic formats have much greater “care and feeding” requirements than their physical format counterparts
Citizens are living longer lives these days, which means a possible need to maintain accessible records of their medical conditions and care for up to 80 years, or longer in some cases. Given most of the information being captured electronically is in proprietary formats designed by the equipment manufacturers of health care equipment, or in formats that will require periodic conversion and migration to remain accessible (try to open an MSWord 97 file in MSWord 07), who is setting aside the funds to pay for an perform the migration and conversion on a regular basis over these 80+ years?
The Government is excellent at issuing “unfunded mandates” and this is DEFINITELY a case of that. All estimates given thus far of efforts to establish an electronic health record (EHR) system are for the day-forward capture of content, which does nothing for ensuring a complete record exists for anyone born prior to the day it goes into play. This will result in the need for medical professionals supporting and working with a hybrid system, calling upon paper records and cross-referencing them with electronic records on conditions affecting the patients prior to the establishment of the EHR. There are no plans for back file conversion; and ion most cases, physicians send records away to commercial storage facilities 2-3 years after they are created. Is there any expectation they won’t be planning to do the same with electronic format records? And how will they be secured for access by inappropriate people at that point? they will likely be commingled with the records of others on servers that are backed up on common tapes and stored in environments not deemed proper for such storage.
MUCH MORE thought needs to be put into this issue… if our President is thinking seriously about the delaying of deploying Digital TV because this is thought to be something that will affect millions of Americans… should the same consideration NOT BE GIVEN to the deployment of EHRs?
Larry
You raise some excellent points, Larry.
Incorporating these issues into the stimulus bill does not give them the proper importance and opportunity to review and discuss them that is urgently needed. I’ve yet to read any statement from the President that shows that he really has a grasp of the complexity and risks involved in these issues.
Provisions restricting sale of our data are all well and good, but trying to rush to EHR/EMR when the security/privacy issues have yet to be adequately resolved is a privacy Chernobyl waiting to happen — if it hasn’t happened already (i.e., we still don’t know what happened with Express Scripts, how it happened, and whether 50 million people’s prescription records are now in others’ hands).
I am very concerned about this proposed EMR proposal. I have had experience with Mayo Clinic’s EMR’s. I went to Mayo Clinic to see just what a doctor and hospital did to my kidney in Grand Island, Nebraska. A specimen that I passed while in PreOp was never analyzed by the hospital, and was disregarded by the Urologist, whom I’d only met while in PreOp, under morphine, and having already signed the consent form while under morphine. I learned later that the problem kidney stone was 2mm. and located at the intersection of the ureter and kidney. I also learned later that a 4mm. stone had close to a 90% chance of passing spontaneously without surgical intervention, which is why I am convinced that I passed the stone in PreOp. After the surgery, my back hurt, and I bled visibly. I continued to bleed for 12 days until the stent was removed in an office procedure. My back continued to hurt, my heart was skipping beats, and I was experiencing diarrhea very regularly. So I went to Mayo. The first question asked of me was whether I was going to sue this guy? I was given my agenda and the initial doctor told me that he was leaving town. I was then given a 24 hour urine test to which the attendant told me that she was adding boric acid and calcium. I was then given a dye contrast xray. During the course of the xray, the attendant asked me how much I weighed. I thought that was kind of funny as that was the first thing done. I told her and then she told me that she was goiing to have to give me a second dose. I later learned that the contrast was damaging to already damaged kidneys, particulaly when an over dosage was given. I also learned later that the dosage is not determined by the attendant dependant on a patient telling the truth about their weight; but that it was predetermined by the lab. I then met with a world renowned Urologist who berated me. He basically called me stupid, and said that there was nothing there. He then proeceded to tell me that I had a “new kidney stone” in my kidney where it had hurt since my operation that wasn’t there 6 months prior. This Urologist also told me that that I had Hypercalciuria as determined by my 24 hour urine test as to suggest that was the reason for the new stone. Recall that the attendant added calcium to the container.
When I left, I went home and in reading, found that this same Mayo Urologist who berated me developed a kidney stone basket used for retreiving kidney stones, and that his basket was used on me. According to this book, this basket was known to “tear tissue.” I then recalled a conversation with a nurse years ago who worked for a Urolgist and she claimed that one day the Urologist boasted to her that whenever he got the chance, he would go up into the kidney and “scratch” it to form a kidney stone in the same way that an oyster forms a pearl. Shouldn’t this Mayo Urologist recused himself after seeing that his basket was used on me and may have been the source of my pain? 4 years later, I began to urinate visible blood and protein, both indicators of kidney damage.
In checking my Mayo Medical papers, of the 3 doctors that I saw, 2 of the 3 “electronically signed” their reports. The Mayo Urologist whose basket was used on me, and who berated me, and whose report established that I had Hypercalciuria, his report was not signed. Is it because this report was a lie that it wasn’t signed? Was this report deliberately not signed for that very reason, no responsiblity? Would this hold up in court? These are questions that need to be asked and answered before any EMR measure is enacted. I believe that Mayo is behind the EMR push, and was Daschle’s lobby (wink). I believe that my experience shows that EMR’s can be manipulated, and had I not asked for them, they could have been manipulated even more, as they learned of my deteriorating condition, such as I have. I also want to point out that there was no time, dated stamp that would show Mayo’s record authentication, other than typed in time and date. I believe that there is an ulterior motive to put these records on the internet, and I guarantee you that they can be hacked into, and that hospitals have the money to employ the most sophisticated hackers. I think that the only way to circumvent any monkey business is for the hospital to issue the patient authenticated copies of his medical records immediately upon leaving the hospital so that the patient had a marker for honesty. My records in Grand Island were altered literally as well. Had I not received a copy of my records within 20 days of my operation, who knows what coud have been altered.
I would also like to state that I wrote to both Hillary and Obama and have heard nothing.