Healthcare // Electronic Health Records
News
8/26/2014
02:50 PM
50%
50%

National Health Database: Good Medicine Or Privacy Nightmare?

State health information exchanges could eventually pool patient data into a vast national database, but privacy advocates have significant concerns.

Healthcare IT Cloud Safety: 5 Basics
Healthcare IT Cloud Safety: 5 Basics
(Click image for larger view and slideshow.)

State health information exchanges could one day connect, compiling patient data into a vast national database.

Such a centralized repository of information won't necessarily result from a request for proposal and years of integration work. Rather, it's probably starting right now, as states create health information exchanges that ultimately will connect, allowing professionals from throughout the country to access records regardless of location or insurance plan.

Advocates argue that creating a centralized storage center makes sense medically. Patients located on the West Coast, for example, could get treatment from specialists in Boston, assured that clinicians can access their complete and current healthcare information. Patients would no longer spend hours completing duplicate forms for each individual clinician since every provider's office could access all patient records. Risks and costs would drop as test results and other medical information become available nationally.

[Has your organization taken these steps to bolstering security? See 10 Ways To Strengthen Healthcare Security.]

Earlier this year the Office of the National Coordinator (ONC) for Health Information Technology (HIT) unveiled its 10-year interoperability plan, which aims to improve care, cut costs, and enhance patient engagement by enabling government agencies to access patient data from a broader spectrum of providers.

"There is no better time than now to renew our focus on a nationwide, interoperable health IT infrastructure -- one in which all individuals, their families, and their healthcare providers have appropriate access to health information that facilitates informed decision-making, supports coordinated health management, allows patients to be active partners in their health and care, and improves the overall health of our population" the report says.

Access to patients' records regardless of their hometown or primary physician would reduce the number of accidental deaths related to medical errors, said Stephen Cobb, senior security researcher at ESET North America. In 2013, between 210,000 and 400,000 patients in the US died as a result of medical errors, according to the Journal of Patient Safety, with serious harm 10 to 20 times more likely to occur than lethal harm.

"If we had better... access to data, we could solve these [problems]," Cobb said. "Imagine if you were able to [swipe] an unconscious person's fingerprints and pull up the person's records to find they're allergic to latex or penicillin."

On the other hand, the Citizens' Council for Health Freedom argues that centralizing the nation's patient records is dangerous and intrusive. EMR benefits are negligible and unproven, countered Twila Brase, the organization's president and co-founder, and the risks far outweigh any rewards.

"Our government is funneling billions of dollars into systems that will dump all of our private medical records into one giant hub -- accessible by many," Brase said. "The government is touting these procedures as ways to streamline patient care, but they're actually an attempt to capture and store Americans' private medical data and share it with agencies that have nothing to do with health care."

Critics of a national health database worry about where this data will be stored, how it will be used, and who will have access to the information. Despite laws that protect individuals from discrimination due to medical condition, and insurers' inability to ban coverage because of prior medical conditions, skeptics of a nationwide health database fear misuse, abuse, and theft of these personal records. They suspect companies will profit

Alison Diana has written about technology and business for more than 20 years. She was editor, contributors, at Internet Evolution; editor-in-chief of 21st Century IT; and managing editor, sections, at CRN. She has also written for eWeek, Baseline Magazine, Redmond Channel ... View Full Bio

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 4 / 6   >   >>
Alison_Diana
100%
0%
Alison_Diana,
User Rank: Author
8/27/2014 | 2:53:41 PM
Re: Interoperability is positive, but accurate patient ID is the linchpin
Absolutely true: We cannot wait for a 100% impenetrable database. If we do, we'll never get anywhere! And you'd certainly imagine biometric developers are at the head of the security process for ensuring the protection and integrity of such personal information. 

One interesting tidbit I learned regarding biometrics in healthcare: Fingerprints can be challenging since so many healthcare positions require users to wear latex (or similar) gloves. It's one reason I think iris scans will be a big boon in this sector at some point, at least among employees (if not patients, too). In one case, a relatively high percentage of pilot users had to resort to the back-up mode to log on because they couldn't operate the system due to their gloves. Some developers have, however, figured this out, apparently, and have fingerprint systems that take gloves into account. Anyone know more about this?
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/27/2014 | 2:50:12 PM
Re: Another Epic Government Fail to Screw Americans
Well, yes, most people want a system that cannot be hacked. I don't necessarily think security is the highest priority for healthcare providers, as a rule. That's not to say some providers don't do an excellent job of securing data. They do. But some have not invested enough or the right resources to secure data or privacy. There are many reasons why: There are so many mandates and only so many dollars and people, and obviously something has to give! The type of security needed now in healthcare is foreign to the industry, which hasn't historically needed to think of data in this manner or scope. And it's challenging to find the money or the people to fill the needs, especially as so many other industries -- often higher paying -- are competing for the same people. That said, excuses don't protect our information and many healthcare providers have figured out a way to safeguard our information.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/27/2014 | 2:46:49 PM
Re: Safety and security
I've seen articles that demonstrate how much medical information is out there based on our own social media posts. Software can troll through Facebook, Twitter, etc., to discover all those posts about headaches, flu, stomachaches, etc., and determine who has what and when. I do worry about the patient-focused support groups for chronic conditions -- online forums hosted by healthcare providers, pharma companies, or patients. While they are generally a great idea since patients (and caregivers) can learn about new cures and treatments, best practices, get mental and emotional support, and educate themselves about the condition, I do wonder just how much information is accessible about members if somebody wanted to learn that data for nefarious reasons. 

OTOH, a number of people tell me a growing number of patients are open about their conditions, hopeful their transparency will prompt more research, understanding, and treatments. As with everything medical, I believe it HAS to be transparent and opt-in: If you want to share information, go for it -- but that decision has to be in readily understandable non-legalese and must be up to the patient.
M2SYS
50%
50%
M2SYS,
User Rank: Apprentice
8/27/2014 | 2:30:25 PM
Re: Interoperability is positive, but accurate patient ID is the linchpin
Thanks for the feedback Alison and you bring up a valid point when referring to assurances that if you provide your biometric information, it is kept safe and secure. We should preface this with saying that there isn't a database on this planet that isn't susceptible to hackers - and it is a disservice to the indutsry to claim that database security could "never" be compromised.

With that in mind, most biometric identification providers take great measures to ensure that patient identities are secured starting with strong encryption of enrollment templates. Most people don't realize that there isn't an image of your fingerprint, or iris stored on a database - instead it's a series of unique data points that have been mapped out based on an image of your biometric credential so the likelihood that a hacker could let alone breach a biometric database and reverse engineer your template to create an image of your biometric credential is extremely slim. Second, most biometric capture devices are now equipped with very sophisticated "liveness" detection technology that prevents spoofing and makes it nearly impossible. Meaning, if someone were to reverse engineer a biometric enrollment template and attempt to use it claiming the identity of another person, most biometric devices have technology that can decipher a fake image from a real one or contain multimodal capabilities - meaning that the device measures two biometric credentials, not one, making it next to impossible for an impostor to fool.

So the biometrics industry has implemented safeguards that help protect your credentials and ensure thay they are kept safe and out of the hands of criminals or hackers.  
Henrisha
50%
50%
Henrisha,
User Rank: Strategist
8/27/2014 | 2:22:35 PM
Re: Consider the source
I agree. If you work with people who might have alternate motives, then you're basically better off working alone.
Henrisha
50%
50%
Henrisha,
User Rank: Strategist
8/27/2014 | 2:21:43 PM
Re: Another Epic Government Fail to Screw Americans
There are pros and cons to every new piece of technology that is introduced. To come up with a hack-proof system that keeps patients' records and information private in the event of a hack is something that experts are already working on.
Henrisha
50%
50%
Henrisha,
User Rank: Strategist
8/27/2014 | 2:20:57 PM
Re: Safety and security
At the rate things are going--privacy breaches, data hacks, and whatnot--what information of ours, that is supposedly private, isn't already out there, I wonder?
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/27/2014 | 12:54:48 PM
Re: Sounds like a fairy tale more than a nightmare
Yes, everyone I spoke to basically agreed we won't have one big database a la Britain's NHS. But I think we're moving to a de facto system of multiple, interconnected databases that serve the same purpose. Not sure when that will happen. As we all know, all HIXs aren't exactly meeting their projected dates and goals! Eventually, however, all 50 states will no doubt have some form of HIX and multiple ACOs, all of which inter-communicate data on all patients. Combine that with the huge percent of patients covered by government -- Medicare, Medicaid, VA, Tristar, jail/prison -- and you've already got a big portion of the nation's population in a national database of sorts.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/27/2014 | 12:51:37 PM
Re: Interoperability is positive, but accurate patient ID is the linchpin
Really good point, M2SYS. I recall, years ago, seeing one specialist who was ahead of the curve in including digitally taken photos into patient records. It was reassuring, especially given the nature of the specialty he had, to know it would be more diffiicult for someone else to pretend to be me at an appointment. Of course, tech has come a long way since then as you point out, and biometrics are much less expensive and easier to implement. However, I would want reassurance that related securities also protect the actual data to ensure thieves couldn't steal not only my medical records, insurance, and credit card info, but also my fingerprint/iris scan!
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/27/2014 | 12:48:31 PM
Re: Another Epic Government Fail to Screw Americans
As I see it, we now have the worst of both worlds as patients. We still have to complete reams of paperwork whenever we start at a new doctor's office but insurers and most physician offices can access our records electronically to find other physicans' notes, billing information, or to get us to pay that growing co-pay. All that digitization leads to increased risk of hacking or illicit access -- but we seldom (I've never yet, to be honest) reap the benefits we're supposed to. Until that day comes, the healthcare system will have a tough time arguing we're in better shape.
<<   <   Page 4 / 6   >   >>
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.