Search Articles
Reproduction permitted for personal use only. For reprints and reprint permission, contact reprints@wistechnology.com.
Careful with that electronic health record, Mr. Leavitt
October 18, 2006
I have been closely following the progress of the Health Insurance Portability and Accountability Act (HIPAA) and electronic health records for the last eight months. You can understand that since I am a practicing dentist with a small healthcare business, I have my own special interest at stake. I am what they call a "stakeholder" in this exciting and promising, yet very difficult and dangerous mandate.
More important than my job, I am a husband and father. I value patient privacy for myself and my family, as well as for my patients. Privacy is not only a hallmark of ethics in healthcare, it is justifiably our constitutional right.
Healthcare providers with small practices are put in a difficult position. Almost all dentists are ethical businessmen who honestly want the best for their patients for a fair price. It is just good business to treat people fairly in this very competitive field. However, dentists themselves do not know where to turn for information about what is expected of them concerning HIPAA and EHRs, even while the technology rumbles recklessly forward, gaining ever increasing momentum.
Patient privacy is not a priority in the Bush Administration's push for healthcare IT because its engineers are confident that the efficiency of technology will magically smooth over all the rough spots in security. We have learned to expect such miracles from computers.
I will let you in on a business secret that virtually all dentists know, yet nobody wishes to address: Very few dentists encrypt patient data. I would also guess that more than one dentist in the nation uses the word "password" for the password. (Did a dentist in my audience just blush?) In short, I do not believe that the threat of identity theft worries many dentists… yet.
Not so rosy scenario
Please allow me to outline a scenario which may cause some of my colleagues to reconsider complete and unsegmented, or seamless, computerization. Let us pretend that there is a fairly large practice with four dentists and 12 employees. Everyone has access to patient records because the practice is completely paperless. Let us also assume that this practice is so security conscious that it is office policy to regularly delete old records from its data base (a precaution which I doubt is very common), so that the computer system only stores 12,000 patient records at any one time.
The records, which include Social Security numbers and insurance ID numbers as well as complete medical histories, are accessed hundreds of times a day by almost everyone in the office. Just to make it interesting, let us also assume that this practice not only uses secure passwords, but the data is iron-clad encrypted. And then, just to make it even more exciting, let us assume that the computers are equipped with a yet-to-be-invented security system which causes the information to self destruct if a computer is removed from the premises in a burglary. In summary, the practice is unusually conscientious, and over $100,000 was spent for the electronic health record system, including computers and software - a bargain for a practice this size.
Undeniably, there is a growing black market for proofs of identity. As more and more data becomes available in the form of health records, the thieves who will be attracted to the treasure will also become very sophisticated. The profit margin and lack of risk will naturally attract organized crime. The value of Social Security numbers to identity thieves is well known. Less publicized, so far, is the fact that medical and dental insurance identification can be worth thousands of dollars to an identity thief before thefts of service are noticed months later, if at all.
Healthcare is expensive. Heart surgery easily can cost over $50,000. If someone needs an operation, or even dental work, very few facilities check identities. Do you dentists check a patient's driver's license against his or her insurance ID? Could you recognize a phony license, even if you had the courage to insult the person by asking to see it before starting a couple of crowns?
Here is a tangent: If you are duped into doing dentistry for an identity thief, will you later have to reimburse the insurer when the theft is discovered? As more and more electronic health records are stolen, will insurers demand that dentists be responsible for checking patients' IDs? My guess is, yes. The risk will be ours, not the insurer's.
Let us return to the digitally secure dental office where an employee, pressured by financial difficulties, becomes an accomplice to a perfect crime. The employee asks a friend of a friend (who knows a buyer) for $5 for each stolen electronic health record, but is haggled down to 50 cents. The employee tries to get all of the records, but is only able to download half of them in the 10 minutes that is available. The computers were slow that day.
The employee pulls the heist with a couple of USB flashdrives, and gets paid $3,000 without risk of going to jail. The breach will eventually be discovered because the fraud investigator will tie the ID thefts to the dental office. Angry former patients will be interviewed on the evening news. In the end, it will be assumed that a very talented "hacker" must have had his way with the computer because there is no trail. Nobody specifically will be blamed, but nevertheless the incident will bankrupt the "multi-million-dollar" dental practice for $3,000, or for even $200, or, if it is a disgruntled employee, for grins.
Record contamination
That is not a very pleasant tale. But here is another tangent which is even more unpleasant. Remember all of those electronic health records? There is a person who wants implants and crowns. The EHR and insurance coverage that the patient bought for $200 said that the previous owner was diabetic. No problem. The record is digital. Diagnoses and treatments can be changed along with medication allergies.
Do you see where this leads? If an unconscious person is admitted to an emergency room, contaminated electronic medical records could quickly kill the patient, and nobody would know why.
A very dangerous national electronic health record system is being carelessly rushed to market for short-term monetary gain by the insurance industry, its most powerful "stakeholder." The hope that a carefully planned and executed health IT system offers Americans is critical for its acceptance because it will be difficult and expensive. We cannot allow politicians to destroy precious public support for this jewel based on short-term electoral gain.
Here is the crime that will bring it down: You and I, as consumers, do not yet have the right to avoid the risk I described. Americans cannot yet opt out of danger. You cannot yet protect your family. This blunder promises to entertain us with a slow, grinding train wreck which will cost taxpayers and patients more than the abandoned supercollider. Regardless of Health and Human Services Secretary Michael Leavitt's rookie optimism, a premature EHR system will cost Americans even more trust in their elected officials, and it will kill more patients than it will save.
Please, Mr. Leavitt, slow down. Let us all have a chance at a workable plan to enjoy a safer future.
Related stories
• Tommy Thompson says capital needed for electronic health records
• CEO of healthcare group still hopeful IT will save employers money
• Kalla: Have patience with electronic health records
• Doyle asks health professionals to overcome barriers
• U.S. health system could undermine EHR progress
More important than my job, I am a husband and father. I value patient privacy for myself and my family, as well as for my patients. Privacy is not only a hallmark of ethics in healthcare, it is justifiably our constitutional right.
Healthcare providers with small practices are put in a difficult position. Almost all dentists are ethical businessmen who honestly want the best for their patients for a fair price. It is just good business to treat people fairly in this very competitive field. However, dentists themselves do not know where to turn for information about what is expected of them concerning HIPAA and EHRs, even while the technology rumbles recklessly forward, gaining ever increasing momentum.
Patient privacy is not a priority in the Bush Administration's push for healthcare IT because its engineers are confident that the efficiency of technology will magically smooth over all the rough spots in security. We have learned to expect such miracles from computers.
I will let you in on a business secret that virtually all dentists know, yet nobody wishes to address: Very few dentists encrypt patient data. I would also guess that more than one dentist in the nation uses the word "password" for the password. (Did a dentist in my audience just blush?) In short, I do not believe that the threat of identity theft worries many dentists… yet.
Advertisement
Please allow me to outline a scenario which may cause some of my colleagues to reconsider complete and unsegmented, or seamless, computerization. Let us pretend that there is a fairly large practice with four dentists and 12 employees. Everyone has access to patient records because the practice is completely paperless. Let us also assume that this practice is so security conscious that it is office policy to regularly delete old records from its data base (a precaution which I doubt is very common), so that the computer system only stores 12,000 patient records at any one time.
The records, which include Social Security numbers and insurance ID numbers as well as complete medical histories, are accessed hundreds of times a day by almost everyone in the office. Just to make it interesting, let us also assume that this practice not only uses secure passwords, but the data is iron-clad encrypted. And then, just to make it even more exciting, let us assume that the computers are equipped with a yet-to-be-invented security system which causes the information to self destruct if a computer is removed from the premises in a burglary. In summary, the practice is unusually conscientious, and over $100,000 was spent for the electronic health record system, including computers and software - a bargain for a practice this size.
Undeniably, there is a growing black market for proofs of identity. As more and more data becomes available in the form of health records, the thieves who will be attracted to the treasure will also become very sophisticated. The profit margin and lack of risk will naturally attract organized crime. The value of Social Security numbers to identity thieves is well known. Less publicized, so far, is the fact that medical and dental insurance identification can be worth thousands of dollars to an identity thief before thefts of service are noticed months later, if at all.
Healthcare is expensive. Heart surgery easily can cost over $50,000. If someone needs an operation, or even dental work, very few facilities check identities. Do you dentists check a patient's driver's license against his or her insurance ID? Could you recognize a phony license, even if you had the courage to insult the person by asking to see it before starting a couple of crowns?
Here is a tangent: If you are duped into doing dentistry for an identity thief, will you later have to reimburse the insurer when the theft is discovered? As more and more electronic health records are stolen, will insurers demand that dentists be responsible for checking patients' IDs? My guess is, yes. The risk will be ours, not the insurer's.
Let us return to the digitally secure dental office where an employee, pressured by financial difficulties, becomes an accomplice to a perfect crime. The employee asks a friend of a friend (who knows a buyer) for $5 for each stolen electronic health record, but is haggled down to 50 cents. The employee tries to get all of the records, but is only able to download half of them in the 10 minutes that is available. The computers were slow that day.
The employee pulls the heist with a couple of USB flashdrives, and gets paid $3,000 without risk of going to jail. The breach will eventually be discovered because the fraud investigator will tie the ID thefts to the dental office. Angry former patients will be interviewed on the evening news. In the end, it will be assumed that a very talented "hacker" must have had his way with the computer because there is no trail. Nobody specifically will be blamed, but nevertheless the incident will bankrupt the "multi-million-dollar" dental practice for $3,000, or for even $200, or, if it is a disgruntled employee, for grins.
Record contamination
That is not a very pleasant tale. But here is another tangent which is even more unpleasant. Remember all of those electronic health records? There is a person who wants implants and crowns. The EHR and insurance coverage that the patient bought for $200 said that the previous owner was diabetic. No problem. The record is digital. Diagnoses and treatments can be changed along with medication allergies.
Do you see where this leads? If an unconscious person is admitted to an emergency room, contaminated electronic medical records could quickly kill the patient, and nobody would know why.
A very dangerous national electronic health record system is being carelessly rushed to market for short-term monetary gain by the insurance industry, its most powerful "stakeholder." The hope that a carefully planned and executed health IT system offers Americans is critical for its acceptance because it will be difficult and expensive. We cannot allow politicians to destroy precious public support for this jewel based on short-term electoral gain.
Here is the crime that will bring it down: You and I, as consumers, do not yet have the right to avoid the risk I described. Americans cannot yet opt out of danger. You cannot yet protect your family. This blunder promises to entertain us with a slow, grinding train wreck which will cost taxpayers and patients more than the abandoned supercollider. Regardless of Health and Human Services Secretary Michael Leavitt's rookie optimism, a premature EHR system will cost Americans even more trust in their elected officials, and it will kill more patients than it will save.
Please, Mr. Leavitt, slow down. Let us all have a chance at a workable plan to enjoy a safer future.
Related stories
• Tommy Thompson says capital needed for electronic health records
• CEO of healthcare group still hopeful IT will save employers money
• Kalla: Have patience with electronic health records
• Doyle asks health professionals to overcome barriers
• U.S. health system could undermine EHR progress
When he's not penning contrarian columns, Darrell Pruitt, DDS, runs a dental practice in Fort Worth, Texas.
The opinions expressed herein or statements made in the above column are solely those of the author, and do not necessarily reflect the views of Wisconsin Technology Network, LLC. (WTN). WTN, LLC accepts no legal liability or responsibility for any claims made or opinions expressed herein.
The opinions expressed herein or statements made in the above column are solely those of the author, and do not necessarily reflect the views of Wisconsin Technology Network, LLC. (WTN). WTN, LLC accepts no legal liability or responsibility for any claims made or opinions expressed herein.
Comments
Steve Miller responded 3 years ago: #1
Who owns a patient record if every provider in the chain has access?
Where is the concept of private practice? Do large organizations (read hospitals) use this 'need for seamlessness' to erode the private property rights of non-hospital-owned providers (read smaller solo and group practices)? Do they use this further as a powerful competitive weapon?
As a broker and valuation professional, I worry if there will be anything left to sell.
Where is the concept of private practice? Do large organizations (read hospitals) use this 'need for seamlessness' to erode the private property rights of non-hospital-owned providers (read smaller solo and group practices)? Do they use this further as a powerful competitive weapon?
As a broker and valuation professional, I worry if there will be anything left to sell.
Christopher Sullivan, Ph.D. responded 3 years ago: #2
I have read the article by Dr. Pruitt, and while one may applaud his desire to ensure the confidentiality of patient records, his story seems full of inaccuracies and misplaced suppositions. As one example, the RTI Privacy and Security project funding projects in 34 states and territories is the largest HIT project funded by ONC last year. This fact undercuts Dr. Pruitt's assertion "Patient privacy is not a priority in the Bush Administration's push for healthcare IT." There are many similar assertions that could be cited.
Also note that his breach of security example takes place not because the computer security system fails, but because of his failure to hire trustable employees. The identity theft scenario would have the same outcome if he were using a paper or electronic system. The security and auditing standards that are proposed for the Florida Health Information Network (FHIN) would discover the identity theft long before any auditor would catch it - that is if Dr. Pruitt were connected to the FHIN or one of the Florida RHIOs. In his paper world, it is questionable whether the theft would ever be tracked down.
Also note that his breach of security example takes place not because the computer security system fails, but because of his failure to hire trustable employees. The identity theft scenario would have the same outcome if he were using a paper or electronic system. The security and auditing standards that are proposed for the Florida Health Information Network (FHIN) would discover the identity theft long before any auditor would catch it - that is if Dr. Pruitt were connected to the FHIN or one of the Florida RHIOs. In his paper world, it is questionable whether the theft would ever be tracked down.
Rob Bergin responded 3 years ago: #3
Why are USB ports enabled in the first place? For that matter why are any removable devices even functioning? Lock them down, for a 10 PC office, its less than $500 to lock all removable devices. Got an ipod? Got a PC? Guess what, its a removable hard drive - don't allow your users to connect removable devices to your PC and the risk of an electronic theft can be greatly reduced.
Tune in next week, when I explain to you why your people shouldn't have Internet Access or if they do why it should be monitored - FTPing PHI can happen once you remove their USB Memory Sticks but it can't happen if you block FTP and restrict outbound usage.
Tune in next week, when I explain to you why your people shouldn't have Internet Access or if they do why it should be monitored - FTPing PHI can happen once you remove their USB Memory Sticks but it can't happen if you block FTP and restrict outbound usage.
Darrell Pruitt DDS responded 3 years ago: #4
Thank you for your thoughtful response, Mr. Bergin. This is what healthcare security needs, dialogue. You almost sound sure of your advice when you say that "the risk of an electronic theft can be greatly reduced." Would you bet your life on it?
Darrell Pruitt DDS
Darrell Pruitt DDS
Kurt Belgard MD responded 3 years ago: #5
Dr Pruitt's concerns are not only valid but far too limited in their appreciation of the real risks. It is rightly pointed out that the real problem with the clerk with the USB drive is untrustworthy staff, rather than technology. However with digital records, thousands can be stolen in seconds while the same project would require many many unsupervised hours in the office when the records are on paper.
Humans are flawed and all systems created by humans are flawed. The doctor is morally responsible for keeping the trust that his patients put in him. The grand scheme for a national health information network requires that the data stream out of his office onto the internet. Dr. Sullivan assures us that the network in Florida is secure. The problem is that I and Dr. Pruitt know that some IT expert gave assurances about all of those systems that had massive breaches that we read about every few days, we can't check out that system ourselves and WE are the ones morally and legally responsible. At least we get an opportunity to make a decision about who to hire for an office clerk.
As a psychiatrist, I and my patients take this very very seriously. The multispecialty group practice that I was in computerized the records. The group that most consitently objected to having their psychiatric records digitized: IT professionals. The more educated and knowledgable, the less trusting of institutional reassurances. When our clinic set up the system, and I was being browbeat by the system to be a team player and use it, I was assured that only the professionals having appointments with the patients could pull the records--that the 5000 employees couldn't snoop through family members records. I asked if anyone in the room had tested that. Hearing a negative, we immediately did a test and the clinician was able to pull up his wife and daughter's record without impediment (or subsequent response).
I have had to take extra precautions to secure paper records from staff member relatives of certain patients in famliy conflicts. That is actually common. With the paper record, I can do that and know that it is secure. With the data digitized and scattered whereever IT puts it, I can never know how secure it really is, and therefore am unable to do my duty in that regard.
And if I bring a paper chart home and it is stolen out of the car, I have potentially harmed one person. If I have a breach of an electronic database, within milliseconds I have harmed thousands.
Humans are flawed and all systems created by humans are flawed. The doctor is morally responsible for keeping the trust that his patients put in him. The grand scheme for a national health information network requires that the data stream out of his office onto the internet. Dr. Sullivan assures us that the network in Florida is secure. The problem is that I and Dr. Pruitt know that some IT expert gave assurances about all of those systems that had massive breaches that we read about every few days, we can't check out that system ourselves and WE are the ones morally and legally responsible. At least we get an opportunity to make a decision about who to hire for an office clerk.
As a psychiatrist, I and my patients take this very very seriously. The multispecialty group practice that I was in computerized the records. The group that most consitently objected to having their psychiatric records digitized: IT professionals. The more educated and knowledgable, the less trusting of institutional reassurances. When our clinic set up the system, and I was being browbeat by the system to be a team player and use it, I was assured that only the professionals having appointments with the patients could pull the records--that the 5000 employees couldn't snoop through family members records. I asked if anyone in the room had tested that. Hearing a negative, we immediately did a test and the clinician was able to pull up his wife and daughter's record without impediment (or subsequent response).
I have had to take extra precautions to secure paper records from staff member relatives of certain patients in famliy conflicts. That is actually common. With the paper record, I can do that and know that it is secure. With the data digitized and scattered whereever IT puts it, I can never know how secure it really is, and therefore am unable to do my duty in that regard.
And if I bring a paper chart home and it is stolen out of the car, I have potentially harmed one person. If I have a breach of an electronic database, within milliseconds I have harmed thousands.
Kurt Belgard MD responded 3 years ago: #6
Dr Pruitt's concerns are not only valid but far too limited in their appreciation of the real risks. It is rightly pointed out that the real problem with the clerk with the USB drive is untrustworthy staff, rather than technology. However with digital records, thousands can be stolen in seconds while the same project would require many many unsupervised hours in the office when the records are on paper.
Humans are flawed and all systems created by humans are flawed. The doctor is morally responsible for keeping the trust that his patients put in him. The grand scheme for a national health information network requires that the data stream out of his office onto the internet. Dr. Sullivan assures us that the network in Florida is secure. The problem is that I and Dr. Pruitt know that some IT expert gave assurances about all of those systems that had massive breaches that we read about every few days, we can't check out that system ourselves, and WE are the ones morally and legally responsible. At least we get an opportunity to make a decision about who to hire for an office clerk.
As a psychiatrist, I and my patients take this very very seriously. The multispecialty group practice that I was in computerized the records. The group that most consitently objected to having their psychiatric records digitized: IT professionals. The more educated and knowledgable, the less trusting of institutional reassurances. When our clinic set up the system, and I was being browbeat by the system to be a team player and use it, I was assured that only the professionals having appointments with the patients could pull the records - that the 5000 employees couldn't snoop through family members records. I asked if anyone in the room had tested that. Hearing a negative, we immediately did a test and the clinician was able to pull up his wife and daughter's record without impediment (or subsequent response).
I have had to take extra precautions to secure paper records from staff member relatives of certain patients in famliy conflicts. That is actually common. With the paper record, I can do that and know that it is secure. With the data digitized and scattered where ever IT puts it, I can never know how secure it really is, and therefore am unable to do my duty in that regard.
And if I bring a paper chart home and it is stolen out of the car, I have potentially harmed one person. If I have a breach of an electronic database, within milliseconds I have harmed thousands.
Humans are flawed and all systems created by humans are flawed. The doctor is morally responsible for keeping the trust that his patients put in him. The grand scheme for a national health information network requires that the data stream out of his office onto the internet. Dr. Sullivan assures us that the network in Florida is secure. The problem is that I and Dr. Pruitt know that some IT expert gave assurances about all of those systems that had massive breaches that we read about every few days, we can't check out that system ourselves, and WE are the ones morally and legally responsible. At least we get an opportunity to make a decision about who to hire for an office clerk.
As a psychiatrist, I and my patients take this very very seriously. The multispecialty group practice that I was in computerized the records. The group that most consitently objected to having their psychiatric records digitized: IT professionals. The more educated and knowledgable, the less trusting of institutional reassurances. When our clinic set up the system, and I was being browbeat by the system to be a team player and use it, I was assured that only the professionals having appointments with the patients could pull the records - that the 5000 employees couldn't snoop through family members records. I asked if anyone in the room had tested that. Hearing a negative, we immediately did a test and the clinician was able to pull up his wife and daughter's record without impediment (or subsequent response).
I have had to take extra precautions to secure paper records from staff member relatives of certain patients in famliy conflicts. That is actually common. With the paper record, I can do that and know that it is secure. With the data digitized and scattered where ever IT puts it, I can never know how secure it really is, and therefore am unable to do my duty in that regard.
And if I bring a paper chart home and it is stolen out of the car, I have potentially harmed one person. If I have a breach of an electronic database, within milliseconds I have harmed thousands.
Darrell Pruitt DDS responded 3 years ago: #7
I wish to point out that yesterday, October 25th, The Indianapolis Star reported that 260,000 Indiana and Illinois patient records that were stored on compact discs were carelessly lost (and fortunately recovered). If stupidity trumps security protocol, intentional theft of electronic data cannot be that difficult.
Darrell Pruitt DDS responded 3 years ago: #8
Yesterday, in continuance of our conversation concerning the safety of electronic health records, I posted news about a breach caused by stupidity that occurred in Indiana involving 260,000 patients. Today I read that 200,000 more patients records were exposed in Ohio (wkyc.com). This time it was a hacker. One should consider that the breach by local stupidity occurred in July, and the breach by hacker, apparently originating in Germany, was discovered September 6th. How many more breaches have occurred that are yet to be discovered? How many more have been discovered, but yet to be reported? Finally, how many more will be painfully discovered one patient at a time?
It is incredible to me that third-party stakeholders (stakeholders in electronic health records other than patients and doctors), who promote EHRs for financial gain or for re-election, claim that the digital records are not only safer than paper, but that a fully integrated and universal system will save such an enormous amount of money in the long run that the pain and expense of converting from paper will be worth the reward.
Call me cynical, but I think it will be more like sporadically converting the country from the custom of driving on the right side of the road to driving on the left over a period of an undetermined number of years, state by state, county by county, with speeders choice on every other Wednesday.
In the last three days, the hospitals involved in these recent breaches have begun notifying about 460,000 patients that they should observe their credit reports indefinitely. Third-party stakeholders, in all fairness, should be required to warn providers that it is very expensive when patients trust is betrayed bankruptcy expensive. The Ponemon Institute estimates that 20 percent of patients notified about a breach will never return. The Ponemon researchers also estimate that it costs providers $140 per patient to warn them of the threat to their welfare. Vic Gideon, the author of the article at wkyc.com, estimates that the cost is closer to $200. This means that these two breaches alone could cost healthcare providers in the Midwest over $90 million dollars to tell their (former) patients, Oops, we fumbled your trust. Sorry.
Here is something else that is incredible. In all of the breaches that have occurred in the last year, which probably amounts to half of the nations population by now, apologetic authorities have consistently assured patients that there is no evidence that their personal information was downloaded in a legible format by identity thieves. I have to ask how they would know.
If paper records are stolen, the theft eventually shows up in missing paper records. In contrast, for electronic records, there is no audit trail by design, because accountability is inconvenient for insurers. They favor the portability part of the Health Insurance Portability and Accountability Act.
For third-party stakeholders to claim that paper records are as dangerous as electronic records is beyond disingenuous, it is just plain silly. Darrell Pruitt DDS
It is incredible to me that third-party stakeholders (stakeholders in electronic health records other than patients and doctors), who promote EHRs for financial gain or for re-election, claim that the digital records are not only safer than paper, but that a fully integrated and universal system will save such an enormous amount of money in the long run that the pain and expense of converting from paper will be worth the reward.
Call me cynical, but I think it will be more like sporadically converting the country from the custom of driving on the right side of the road to driving on the left over a period of an undetermined number of years, state by state, county by county, with speeders choice on every other Wednesday.
In the last three days, the hospitals involved in these recent breaches have begun notifying about 460,000 patients that they should observe their credit reports indefinitely. Third-party stakeholders, in all fairness, should be required to warn providers that it is very expensive when patients trust is betrayed bankruptcy expensive. The Ponemon Institute estimates that 20 percent of patients notified about a breach will never return. The Ponemon researchers also estimate that it costs providers $140 per patient to warn them of the threat to their welfare. Vic Gideon, the author of the article at wkyc.com, estimates that the cost is closer to $200. This means that these two breaches alone could cost healthcare providers in the Midwest over $90 million dollars to tell their (former) patients, Oops, we fumbled your trust. Sorry.
Here is something else that is incredible. In all of the breaches that have occurred in the last year, which probably amounts to half of the nations population by now, apologetic authorities have consistently assured patients that there is no evidence that their personal information was downloaded in a legible format by identity thieves. I have to ask how they would know.
If paper records are stolen, the theft eventually shows up in missing paper records. In contrast, for electronic records, there is no audit trail by design, because accountability is inconvenient for insurers. They favor the portability part of the Health Insurance Portability and Accountability Act.
For third-party stakeholders to claim that paper records are as dangerous as electronic records is beyond disingenuous, it is just plain silly. Darrell Pruitt DDS
Kurt Belgard MD responded 3 years ago: #9
The third-party stakeholders who claim that paper records are as susceptible to privacy breaches as electronic records invariably have a personal or institutional financial interest in their promulgation.
Why in this one area of modern life are third parties pushing computerization so hard? Health care providers are among the most technologically oriented members of society and eagerly adopt new technology where it enhances the productivity or quality of their work - just in every other industry and area of American life. Computerization of medical practice should be left to develope in the free market on its own merits, not pushed by third parties outside the consulting room or mandated by government policies.
Why in this one area of modern life are third parties pushing computerization so hard? Health care providers are among the most technologically oriented members of society and eagerly adopt new technology where it enhances the productivity or quality of their work - just in every other industry and area of American life. Computerization of medical practice should be left to develope in the free market on its own merits, not pushed by third parties outside the consulting room or mandated by government policies.
Chris K responded 3 years ago: #10
While I appreciate the concerns about security, I'm surprised that no one has mentioned loss of information as a result of "migration" - another potential serious consequence of EHR. While criminals steal our health records, migration of them over decades can also have a detrimental affect. As an indivual and records manager, I think the issue of migration is equally as important as security.
Darrell Pruitt DDS responded 3 years ago: #11
Chris K, can you explain "migration"?
Kurt Belgard, MD responded 3 years ago: #12
Dr. Pruitt, in the absence of a response from Chris K, I will venture to share my presumptions. I think he is refering to the need to migrate the format and media over time to keep up with new technology. We cleaned out the storage room the other day and found a box full of 5 1/4" floppys from the early 90's and our MS-DOS days. We no longer have anything that will read those disks. Some were contained financial data from my earlier apple 2 days. It would only be assessible with great inconvience now. The things that I threw in a filing cabinet 25 years ago are readable with no such problems.
The migration problem arises when you don't transfer the old files to new formats before the old hardware needed to see the old files is replaced. There may also be occasions when upgrading to the "new improved" EMR software, the old data will be lost or garbled. It is as if you pulled your old paper files, but the English language had evolved so much in the intervening years that you can't read them. That doesn't happen. Flood and file happen, but are risks have long been managed withing reasonable bounds without tremendous costs.
While I may be diligent about avoiding data loss due to migration problems in the maintenance and management of my digital archive, what happens a few years after I die, and a record is needed to address a legal issue? Will anyone have been addressing this problem, or will the database be archived on an outmoded media requiring extra expense and expertise to access? To avoid this, will I have dumped the archives into an information network, transfering my Hippocratic covenental responsibilities to a faceless technocracy?
There is the other problem, and that is the necessity for data destruction. Many consider prudent that some records, such as psychiatric records, not be kept long past the legally mandated minimum. The potential advantage to former patients of old treatment and diagnostic data must be balanced against the disadvantage that the existence of the record presents to their privacy. With paper files, it is easier to make the decision regarding destruction of old files on a case by case basis, while similtaneously being certain of it's destruction. How is a clinician to do this with an archive of old records on optical media for example?
The migration problem arises when you don't transfer the old files to new formats before the old hardware needed to see the old files is replaced. There may also be occasions when upgrading to the "new improved" EMR software, the old data will be lost or garbled. It is as if you pulled your old paper files, but the English language had evolved so much in the intervening years that you can't read them. That doesn't happen. Flood and file happen, but are risks have long been managed withing reasonable bounds without tremendous costs.
While I may be diligent about avoiding data loss due to migration problems in the maintenance and management of my digital archive, what happens a few years after I die, and a record is needed to address a legal issue? Will anyone have been addressing this problem, or will the database be archived on an outmoded media requiring extra expense and expertise to access? To avoid this, will I have dumped the archives into an information network, transfering my Hippocratic covenental responsibilities to a faceless technocracy?
There is the other problem, and that is the necessity for data destruction. Many consider prudent that some records, such as psychiatric records, not be kept long past the legally mandated minimum. The potential advantage to former patients of old treatment and diagnostic data must be balanced against the disadvantage that the existence of the record presents to their privacy. With paper files, it is easier to make the decision regarding destruction of old files on a case by case basis, while similtaneously being certain of it's destruction. How is a clinician to do this with an archive of old records on optical media for example?
Roger Chylla responded 2 years ago: #13
Everyone agrees that unauthorized access to medical records is a huge risk that must be mitigated by a combination of technology, employee monitoring, sound IT practices, security auditing, etc.
My comments on this issue I put in the form of questions. What is so unique about guarding the privacy of medical information versus other forms of information? As a society, we have moved forward with storing and disseminating sensitive, personal information electronically in many areas of our lives. What security problems exist in the management of medical information that no one has had to solve in other industries?
Let me take the most obvious example, the financial industry. What could be more sensitive than knowledge of and access to your personal wealth? Yes, stealing your medical information may be valuable to someone, but stealing your money is a far more direct route. Is there any risk that has been cited in this discussion that does not apply to the protection of your electronic money? What about the actions of unethical employees of the bank or investment company where you keep your savings?
Many of us pay our bills online. Many of us pay our bills electronically. All of our personal banking accounts are tied into a nationwide system that allows the withdrawl of money anywhere at anytime with no human intervention (ATMs). If this system can be managed with acceptable levels of risk, then why is increased electronic access to medical information so much more dangerous in some people's perception?
The fact is that physicians and hospital administrators have been dragging their heels for a decade and are behind almost every other industry in the degree of managing information electronically. There is no way I (or anyone) could possibly address every specific risk scenario that someone could bring up in a discussion like this, but I can point to the precedent of other industries (banking, insurance, etc.) who, when "motivated" to move to electronic management of their information, have succeeded in doing so with "acceptable" risk to their customers. Credit/charge account information has been compromised, does this keep you from using one? Yes, I know, your money can be replaced when stolen, but your privacy cannot. But is medical information the only information that is personal and private? How many people do you want to know your complete financial history, personal wealth, credit record, etc?
This brings me to my last point, which is motivation. I cannot help but think that, although all of the risks being discussed in this forum are completely valid and real, the angst expressed here has more to do with people and organizations being asked to make changes that they are not personally and systemically motivated to perform than it does with excited people who cannot wait to move forward but are just gravely concerned about the integrity of our medical data.
If Governor Doyle wants to make real progress on this issue (which I applaud), I think he should give greater attention to issues of motivation than to issues of technology.
My comments on this issue I put in the form of questions. What is so unique about guarding the privacy of medical information versus other forms of information? As a society, we have moved forward with storing and disseminating sensitive, personal information electronically in many areas of our lives. What security problems exist in the management of medical information that no one has had to solve in other industries?
Let me take the most obvious example, the financial industry. What could be more sensitive than knowledge of and access to your personal wealth? Yes, stealing your medical information may be valuable to someone, but stealing your money is a far more direct route. Is there any risk that has been cited in this discussion that does not apply to the protection of your electronic money? What about the actions of unethical employees of the bank or investment company where you keep your savings?
Many of us pay our bills online. Many of us pay our bills electronically. All of our personal banking accounts are tied into a nationwide system that allows the withdrawl of money anywhere at anytime with no human intervention (ATMs). If this system can be managed with acceptable levels of risk, then why is increased electronic access to medical information so much more dangerous in some people's perception?
The fact is that physicians and hospital administrators have been dragging their heels for a decade and are behind almost every other industry in the degree of managing information electronically. There is no way I (or anyone) could possibly address every specific risk scenario that someone could bring up in a discussion like this, but I can point to the precedent of other industries (banking, insurance, etc.) who, when "motivated" to move to electronic management of their information, have succeeded in doing so with "acceptable" risk to their customers. Credit/charge account information has been compromised, does this keep you from using one? Yes, I know, your money can be replaced when stolen, but your privacy cannot. But is medical information the only information that is personal and private? How many people do you want to know your complete financial history, personal wealth, credit record, etc?
This brings me to my last point, which is motivation. I cannot help but think that, although all of the risks being discussed in this forum are completely valid and real, the angst expressed here has more to do with people and organizations being asked to make changes that they are not personally and systemically motivated to perform than it does with excited people who cannot wait to move forward but are just gravely concerned about the integrity of our medical data.
If Governor Doyle wants to make real progress on this issue (which I applaud), I think he should give greater attention to issues of motivation than to issues of technology.
Roger Chylla responded 2 years ago: #14
In response to Mr. Bergin's statement that "the risk of an electronic theft can be greatly reduced," Dr. Pruitt asks the provocative question: "Would you bet your life on it?"
I would deflect this question back at Dr Pruitt. Do you want to "bet your life" that decreased access to electronic medical information will not adversely affect you or anyone else's health?
Are you saying that no one has ever died because a medical practitioner was insufficiently aware of a serious allergy? Has lack of timely access to a medical image or other electronic health record ever delayed diagnosis and subsequent treatment of a serious (even life-threatening) malady?
Yes, I value my privacy, especially knowledge of something as personal as my medical history, but I value my health even more. I will bet that a system providing access to my medical records by medical professionals (with all of the appropriate safeguards and mitigations) will improve my health (not to mention my wallet) to a degree that is acceptable to its concomitant risk to my privacy.
I would deflect this question back at Dr Pruitt. Do you want to "bet your life" that decreased access to electronic medical information will not adversely affect you or anyone else's health?
Are you saying that no one has ever died because a medical practitioner was insufficiently aware of a serious allergy? Has lack of timely access to a medical image or other electronic health record ever delayed diagnosis and subsequent treatment of a serious (even life-threatening) malady?
Yes, I value my privacy, especially knowledge of something as personal as my medical history, but I value my health even more. I will bet that a system providing access to my medical records by medical professionals (with all of the appropriate safeguards and mitigations) will improve my health (not to mention my wallet) to a degree that is acceptable to its concomitant risk to my privacy.
Kurt Belgard, MD responded 2 years ago: #15
Mr. Chylla:
Your question about "What is so different about medical information?" is a good one - and is easily answered. What is different is shame. In the process of medical treatment, it is not only our blood pressure and cholesterol that is revealed to our doctor, but also our sexual behaviors, our compulsions, our relationship conflicts and our feelings about them, our drug and alcohol use, our emotions, our character flaws, and sometimes our fantasies. These are far more personal than a bank balance. They are things about which we have a certain amount of shame, things which our doctor sometimes must know to provide quality care, but which we are likely to lie about or keep hidden if it occurs to us that this information will get out of his office. So privacy is absolutely essential for certain kinds of quality health care - as essential as a sterile field is for quality surgery.
That is why for 2,500 years physicians have taken an oath to safeguard their patients privacy - because the patients confidence in it is not a peripheral issue to medicine. It is essential to its practice. That is something else about different about medical practice, that the obligation to privacy is so central that it has been defined by an oath that has survived the rise and fall of civilizations. It is not merely defined by law.
That also explains why physicians and hospitals have been slow to sign onto information sharing systems outside of their control. I have personally seen how IT committees can treat medical privacy in a callous and cavalier fashion. Many IT professionals see it only as so much accounting data and treat it as such. Once the information has been turned over to IT professionals, it is in the hands of people who do not have that personal obligation to the patient, and may have no idea of how critical that privacy is to the doctor-patient relationship (just as I have no idea of how to evaluate the efficacy of a firewall).
This also explains why the head-long rush towards a national information network requires that the decision be out of the hands of medical professionals. This process is unfortunately well underway. In the end, the risk to the patients privacy needs to be acceptable to that particular patient, or that patient will conceal information and therefore get bad care. It is not enough that it is acceptable to you, or Congress, or a majority. It doesn't matter what John Doe public thinks when the pollster calls him at home and asks him his opinion about privacy vs. efficiency. What matters is how he feels when he is sitting in the doctor's office feeling scared, sick, and ashamed.
I am not against electronic records, but I do not think that they should be mandatory for doctors or patients. Better dissimination of medical information can save lives or lose them. Doctors and patients should be completely free to choose whether to participate, basing the decision on the risk-benefit calculation in each situation, as in every other medical activity.
Your question about "What is so different about medical information?" is a good one - and is easily answered. What is different is shame. In the process of medical treatment, it is not only our blood pressure and cholesterol that is revealed to our doctor, but also our sexual behaviors, our compulsions, our relationship conflicts and our feelings about them, our drug and alcohol use, our emotions, our character flaws, and sometimes our fantasies. These are far more personal than a bank balance. They are things about which we have a certain amount of shame, things which our doctor sometimes must know to provide quality care, but which we are likely to lie about or keep hidden if it occurs to us that this information will get out of his office. So privacy is absolutely essential for certain kinds of quality health care - as essential as a sterile field is for quality surgery.
That is why for 2,500 years physicians have taken an oath to safeguard their patients privacy - because the patients confidence in it is not a peripheral issue to medicine. It is essential to its practice. That is something else about different about medical practice, that the obligation to privacy is so central that it has been defined by an oath that has survived the rise and fall of civilizations. It is not merely defined by law.
That also explains why physicians and hospitals have been slow to sign onto information sharing systems outside of their control. I have personally seen how IT committees can treat medical privacy in a callous and cavalier fashion. Many IT professionals see it only as so much accounting data and treat it as such. Once the information has been turned over to IT professionals, it is in the hands of people who do not have that personal obligation to the patient, and may have no idea of how critical that privacy is to the doctor-patient relationship (just as I have no idea of how to evaluate the efficacy of a firewall).
This also explains why the head-long rush towards a national information network requires that the decision be out of the hands of medical professionals. This process is unfortunately well underway. In the end, the risk to the patients privacy needs to be acceptable to that particular patient, or that patient will conceal information and therefore get bad care. It is not enough that it is acceptable to you, or Congress, or a majority. It doesn't matter what John Doe public thinks when the pollster calls him at home and asks him his opinion about privacy vs. efficiency. What matters is how he feels when he is sitting in the doctor's office feeling scared, sick, and ashamed.
I am not against electronic records, but I do not think that they should be mandatory for doctors or patients. Better dissimination of medical information can save lives or lose them. Doctors and patients should be completely free to choose whether to participate, basing the decision on the risk-benefit calculation in each situation, as in every other medical activity.
Roger Chylla responded 2 years ago: #16
Dr Belgard:
Although we may appear to be on different sides of the issue, I suspect that we agree on quite a lot. I see this issue as a balance of the potential health and cost benefits of increased dissemination of information versus the risks of unauthorized access to that information and loss of privacy.
From the standpoint of a patient, I would evaluate the positions that medical providers take on this issue very differently depending upon the type of information that they are managing. In the field of mental health, for example, I would favor privacy over increased electronic access. The health and cost benefits of electronic access to medical information are most compelling in cases involving emergency care and access to objective/quantitative data like medical images, immunization history, allergic responses, blood pressure data, etc. In mental health fields like psychiatry, these use cases are much less prevalent. Who is going to perform an emergency evaluation of my mental health in order to make a decision on my medical care? At the same time, the shame factor that you cite is indeed higher for mental health issues than other areas of medicine (although its never insignificant in any area).
I would make the opposite decision with respect to the management of most of my other medical information. Whenever medical images are taken of my body, for example, I want those images to be available to me on demand and made accessible to medical professionals who might need to treat me in an emergency or even consolatory situation. It harms both my health (gratuitous exposure to radiation) and my wallet (indirectly by increased costs to medical insurance providers) to be performing duplicate medical scans because a medical provider chooses for either selfish or honorable reasons to not participate in electronic sharing of those images. Even greater than these concerns, of course, is the very real probability that a faster diagnosis as a result of electronic access to one of these images (and other associated meta data) might lead to a timely treatment that significantly improves my health.
The toughest question of all on this issue is who makes these decisions? Does each physician make the decision for their own practice and then each consumer makes the decision of their medical provider with this stance in mind? The libertarian in me does favor this solution. At the same time, I am concerned that many providers will use privacy as a shield to hide more selfish motivations and that we as consumers will still not have any more choices than we do today. I guess we should just try the libertarian model and see how it all plays out.
Although we may appear to be on different sides of the issue, I suspect that we agree on quite a lot. I see this issue as a balance of the potential health and cost benefits of increased dissemination of information versus the risks of unauthorized access to that information and loss of privacy.
From the standpoint of a patient, I would evaluate the positions that medical providers take on this issue very differently depending upon the type of information that they are managing. In the field of mental health, for example, I would favor privacy over increased electronic access. The health and cost benefits of electronic access to medical information are most compelling in cases involving emergency care and access to objective/quantitative data like medical images, immunization history, allergic responses, blood pressure data, etc. In mental health fields like psychiatry, these use cases are much less prevalent. Who is going to perform an emergency evaluation of my mental health in order to make a decision on my medical care? At the same time, the shame factor that you cite is indeed higher for mental health issues than other areas of medicine (although its never insignificant in any area).
I would make the opposite decision with respect to the management of most of my other medical information. Whenever medical images are taken of my body, for example, I want those images to be available to me on demand and made accessible to medical professionals who might need to treat me in an emergency or even consolatory situation. It harms both my health (gratuitous exposure to radiation) and my wallet (indirectly by increased costs to medical insurance providers) to be performing duplicate medical scans because a medical provider chooses for either selfish or honorable reasons to not participate in electronic sharing of those images. Even greater than these concerns, of course, is the very real probability that a faster diagnosis as a result of electronic access to one of these images (and other associated meta data) might lead to a timely treatment that significantly improves my health.
The toughest question of all on this issue is who makes these decisions? Does each physician make the decision for their own practice and then each consumer makes the decision of their medical provider with this stance in mind? The libertarian in me does favor this solution. At the same time, I am concerned that many providers will use privacy as a shield to hide more selfish motivations and that we as consumers will still not have any more choices than we do today. I guess we should just try the libertarian model and see how it all plays out.
Darrell Pruitt DDS responded 2 years ago: #17
I have a new concern about lost records. Please let me make it your concern as well.
Over 100 million identities have been exposed in the last two years via stolen computers in the US. That is 1/3 of the nation, and represents only the reported losses in a nation which has no federal law compelling one to report a breach.
If a terrorist group has control of as little as .01% of these records, or 10,000 credit limits and plenty of time to cherry-pick, individual banks could be intensely targeted with a blitz of fraud, or the terrorists could divide the destruction however best fits their needs. The longer they collect IDs the more powerful the financial blow.
A small, tight team of well-prepared terrorists with cell phones and thousands, or even millions of stolen identities will run virtually no risk of detection for a crime that could easily be the biggest heist in history, performed in a few hours from anywhere in the world. There will be no trail, and the thieves probably do not even need to know how to speak English.
Here is the strategically beautiful part of this plan: Due to billing cycles and additional time for disputed charges on credit cards, very expensive ultramodern weapons and targeting systems can be used to kill American soldiers at least a couple of months before anyone even has a chance to know the extent of the damage to our nations financial system.
I would not want to be a business owner who has to admit to the FBI that a breach had occurred which was not reported.
Sorry if I soiled your day.
Darrell Pruitt DDS
Over 100 million identities have been exposed in the last two years via stolen computers in the US. That is 1/3 of the nation, and represents only the reported losses in a nation which has no federal law compelling one to report a breach.
If a terrorist group has control of as little as .01% of these records, or 10,000 credit limits and plenty of time to cherry-pick, individual banks could be intensely targeted with a blitz of fraud, or the terrorists could divide the destruction however best fits their needs. The longer they collect IDs the more powerful the financial blow.
A small, tight team of well-prepared terrorists with cell phones and thousands, or even millions of stolen identities will run virtually no risk of detection for a crime that could easily be the biggest heist in history, performed in a few hours from anywhere in the world. There will be no trail, and the thieves probably do not even need to know how to speak English.
Here is the strategically beautiful part of this plan: Due to billing cycles and additional time for disputed charges on credit cards, very expensive ultramodern weapons and targeting systems can be used to kill American soldiers at least a couple of months before anyone even has a chance to know the extent of the damage to our nations financial system.
I would not want to be a business owner who has to admit to the FBI that a breach had occurred which was not reported.
Sorry if I soiled your day.
Darrell Pruitt DDS
Catherine Fowler responded 2 years ago: #18
At a young age I had a serious injury and illness. I was told my records were lost. The doctor is no longer there, the hospital is no longer there. My mother doesn't remember it and my father is no longer here. Another doctor wants to give me an MRI but I was told any thing metal would be pulled out during an MRI. Now no one even belives this injury and illness happened. I can recall every thing that happened and even name the hospital and doctors. I know I have the right to see my medical records but so far I have not.
Add Your Comment
Comment Policy: WTN News accepts comments that are on-topic and do not contain advertisements, profanity or personal attacks. Comments represent the views of the individuals who post them and do not necessarily represent the views of WTN Media or our partners, advertisers, or sources. Comments are moderated and not immediately posted. Your email address will not be posted.
WTN Media cannot accept liability for the content of comments posted here or verify their accuracy. If you believe this comment section is being abused, contact edit@wistechnology.com.
Advertisement
Most Popular Stories
- Madoff computer programmers arrested; could face 30 years in $60B fraud
- HIPAA - Past, Present, and Future
- Seven secrets of a Steve Jobs presentation
- Myth busters: Why some things you hear about venture capital are wrong.
- Alice.com closes $6 million in new funding, raises total investment to $10.4M for online household goods shopping site
Advertisement
Featured EventsMore…
More Stories
- Stem cells may improve heart bypass results
- The future of ERP
- UW-Madison receives $9.5 million Gates Foundation grant
- Health insurance costs more in Wisconsin
- A freakonomic view of climate change
- C.O.R.E Jobs Act targets state’s economic strengths
- Online identity widget conceals email and shares social profiles
- API Healthcare introduces new generation of Navigator
- NanoRite board sets strategic direction for the center, elects officers
- HIPAA - Past, Present, and Future
- Clouds in IT future
- Anti-Gravity treadmill developed from NASA technology
- IBM moves closer to emulating human brain
- Top IT turkeys of 2009
- Wisconsin Rapids uses technology to keep residents informed
- Nuclear breakthrough has Wisconsin fingerprints
- Your organization chart and what it tells others
- Promega Corporation and SwitchGear Genomics announce a novel method for characterizing DNA-protein interactions
- The argument for free classes via iTunes
- The great cloud debate's unsatisfying but true answer
- Myth busters: Why some things you hear about venture capital are wrong.
- EraGen announces licensing agreement with San Diego biotech
- Shuttle Atlantis on pick up, delivery and installation mission
- Thousands of web sites compromised, redirect to scareware
- File-sharing software ban sought in House
- The virtual doctor visit
- Good Morning Houston, "We're having a baby, seriously! Shuttle Atlantis launches without a hitch. Simply AWESOME!
- FluGen fighting flaws in flu vaccine industry
- Madoff computer programmers arrested; could face 30 years in $60B fraud
- Priceless! The 25 funniest vintage tech ads
- Grants available to Wisconsin manufacturers
- Top 20 tech underdogs
- Contemplating an IT-less recovery
- Little benefit seen, so far, in electronic patient records
- 'The moon is alive,' NASA says after water discovery
- Tips on pitching a business plan part of Global Entrepreneurship Week
- Dell’s out-of-town tryout for smartphones
- Merge Healthcare sells additional 9 million shares
- Debbie Crave receives Honorary Recognition award from UW Madison
- The CIO and social media: Social police?
- Why Oracle's Larry Ellison will tell the EU to pound sand
- Out-of-state firms win elevator contest
- High court considers whether business methods can be patented
- Hewlett-Packard to acquire 3Com
- API Healthcare to launch remote services of human capital management solutions
- Wound Management Technologies Inc. solicits technology and development partners to leverage infrastructure for biotech and genetics
- New course shows arts students how to become entrepreneurs
- John Glaser on a day in the life of John Glaser
- StrandVision offers digital signage hardware package
- Central Signal gets $700K grant for wireless sensor networks
- Imaging firm tops grant list
- UW-Madison computer team heads to world finals for ninth straight year
- UW-Whitewater: Hosts first-ever state conference for young entrepreneurs
- Former Monster executive to lead PKWare
WTN Media Presents
