Transition from paper to electronic medical records raises concerns
Dec 19, 2010 (Fort Worth Star-Telegram - McClatchy-Tribune Information Services via COMTEX) --
As the transition from paper to electronic medical records gains momentum, so have concerns that more confidential patient information will fall into the wrong hands.
Privacy advocates warn that without proper safeguards, digital records could make large caches of personal medical data vulnerable to theft or improper use, such as discrimination by employers.
Protected health information for more than 100,000 Texans has been breached since September 2009, when the federal government started requiring providers to report such incidents. Most of the larger breaches involved digital medical records.
"The security issues are extreme," said Dr. Deborah Peel, founder of Austin-based Patient Privacy Rights and an outspoken critic of how digital records are being implemented. "Some of these systems are very poorly protected, and you are going to have patients without control over who is looking at their health information."
Digital records are generally considered a crucial step in transforming the healthcare industry. They are expected to improve patient outcomes and cut wasteful spending by giving physicians immediate access to crucial information, like past treatments and allergies.
As of 2009, less than 30 percent of Texas doctors had started some form of digital records, according to a Texas Medical Association survey. But the Obama administration made available $19 billion in stimulus money to create digital records for all patients by 2014.
Experts point out that paper records were also vulnerable to security breaches. Regardless of the format, confidentiality comes down to compliance with state and federal privacy laws, they say.
"It's a big issue and it all comes down to trust," said Dr. Matt Murray, a TCU Health Center physician and member of the medical association's ad hoc health information technology committee. "In many ways, if the providers adhere to good policies and procedures, the electronic data can be safer than the paper data."
Several breaches have occurred in Tarrant County. A University of Texas at Arlington network server providing access to university health center prescription records for 27,000 people was left unsecured four times.
This summer, an office door was kicked in and four computers containing patient information were stolen from a Fort Worth allergy clinic.
Providers are required to report any breaches that affect more than 500 patients. Seventeen such incidents have been reported in Texas, according to the U.S. Department of Health and Human Services.
Three of the 17 breaches involved paper records.
Peel said concerns about electronic medical records go beyond technical fears of insufficient firewalls or stolen computers.
States are establishing electronic information exchanges that will allow providers to transmit patient information, and to link with other states and, eventually, a national exchange. In March, Texas received $28.8 million through a federal stimulus program to create an exchange.
"These electronic health records are required to be data-mined for a whole variety of purposes," Peel said.
Peel said she fears a day when employers gain access to medical information and use it to make decisions, such as hiring only employees likely to remain healthy.
Privacy advocates are not the only ones raising concerns. A physicians group representing more than 20,000 Maryland doctors, citing fears that insurers could manipulate records to affect treatment decisions, recently called for legislation ensuring that medical records are not used to advance any commercial interests.
Controls in place
Advocates of digital medical records said state and federal privacy laws restrict who can view medical information. Providers say their systems have ample security controls, including encryption features not available for paper records.
Texas Health Resources is completing installation of the Epic digital health records at its 13 facilities. Access to the network's 4.7 million electronic patient records is tightly controlled, said Pam Johnston, the network's vice president of electronic health records operations. Every record viewed leaves an auditing trail showing who accessed it, what type of information they viewed and how long they looked at it.
"We have a 'broken glass' alert if someone tries to access information for a patient not on their patient team," Johnston said.
The JPS Health Network recently launched a five-year, $94 million implementation of Epic.
Texas Health Resources has started an information exchange with Children's Medical Center of Dallas on patients they both treat, Johnston said. That information is shared only with the patient's approval.
"Patient consent is very important; they have to agree to that kind of exchange," she said.
The issue could arise during the next state legislative session, which starts in January. The success of the state's health information exchange may hinge in part on whether patients trust that their health information is secure, said Sen. Jane Nelson, R-Flower Mound, chairwoman of the Senate Health and Human Services Committee.
"Patient distrust can lead to the omission of critical health information, causing potentially dangerous results," Nelson said.
Alex Branch, 817-390-7689
To see more of the Fort Worth Star-Telegram, or to subscribe to the newspaper,
go to http://www.dfw.com. Copyright (c) 2010, Fort Worth Star-Telegram, Texas
Distributed by McClatchy-Tribune Information Services. For more information
about the content services offered by McClatchy-Tribune Information Services
(MCT), visit www.mctinfoservices.com.
[ Back To TMCnet.com's Homepage ]