Healthcare // Electronic Health Records
News
8/26/2014
02:50 PM
50%
50%

National Health Database: Good Medicine Or Privacy Nightmare?

State health information exchanges could eventually pool patient data into a vast national database, but privacy advocates have significant concerns.

Healthcare IT Cloud Safety: 5 Basics
Healthcare IT Cloud Safety: 5 Basics
(Click image for larger view and slideshow.)

State health information exchanges could one day connect, compiling patient data into a vast national database.

Such a centralized repository of information won't necessarily result from a request for proposal and years of integration work. Rather, it's probably starting right now, as states create health information exchanges that ultimately will connect, allowing professionals from throughout the country to access records regardless of location or insurance plan.

Advocates argue that creating a centralized storage center makes sense medically. Patients located on the West Coast, for example, could get treatment from specialists in Boston, assured that clinicians can access their complete and current healthcare information. Patients would no longer spend hours completing duplicate forms for each individual clinician since every provider's office could access all patient records. Risks and costs would drop as test results and other medical information become available nationally.

[Has your organization taken these steps to bolstering security? See 10 Ways To Strengthen Healthcare Security.]

Earlier this year the Office of the National Coordinator (ONC) for Health Information Technology (HIT) unveiled its 10-year interoperability plan, which aims to improve care, cut costs, and enhance patient engagement by enabling government agencies to access patient data from a broader spectrum of providers.

"There is no better time than now to renew our focus on a nationwide, interoperable health IT infrastructure -- one in which all individuals, their families, and their healthcare providers have appropriate access to health information that facilitates informed decision-making, supports coordinated health management, allows patients to be active partners in their health and care, and improves the overall health of our population" the report says.

Access to patients' records regardless of their hometown or primary physician would reduce the number of accidental deaths related to medical errors, said Stephen Cobb, senior security researcher at ESET North America. In 2013, between 210,000 and 400,000 patients in the US died as a result of medical errors, according to the Journal of Patient Safety, with serious harm 10 to 20 times more likely to occur than lethal harm.

"If we had better... access to data, we could solve these [problems]," Cobb said. "Imagine if you were able to [swipe] an unconscious person's fingerprints and pull up the person's records to find they're allergic to latex or penicillin."

On the other hand, the Citizens' Council for Health Freedom argues that centralizing the nation's patient records is dangerous and intrusive. EMR benefits are negligible and unproven, countered Twila Brase, the organization's president and co-founder, and the risks far outweigh any rewards.

"Our government is funneling billions of dollars into systems that will dump all of our private medical records into one giant hub -- accessible by many," Brase said. "The government is touting these procedures as ways to streamline patient care, but they're actually an attempt to capture and store Americans' private medical data and share it with agencies that have nothing to do with health care."

Critics of a national health database worry about where this data will be stored, how it will be used, and who will have access to the information. Despite laws that protect individuals from discrimination due to medical condition, and insurers' inability to ban coverage because of prior medical conditions, skeptics of a nationwide health database fear misuse, abuse, and theft of these personal records. They suspect companies will profit

Alison Diana has written about technology and business for more than 20 years. She was editor, contributors, at Internet Evolution; editor-in-chief of 21st Century IT; and managing editor, sections, at CRN. She has also written for eWeek, Baseline Magazine, Redmond Channel ... View Full Bio

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 3 / 6   >   >>
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
8/27/2014 | 11:46:04 PM
hours?
"Hours" filling out forms???  How are these hours spent?  I just filled out one of those forms a week ago.  You write your name and address, check a box, and sign.

I'd rather keep my privacy.  You still have to fill out other paperwork when you see a new doctor anyway.
tekedge
50%
50%
tekedge,
User Rank: Moderator
8/27/2014 | 6:48:03 PM
Good medicine or privacy nightmare!
I feel privacy issues cause nightmares for good medicine to be practiced. How much privacy and at what cost. Where does one draw the line. There are healthcare organisations that are able to do a decent job of protecting privacy, but with big data on the rise it costs dollars and may eventually push the costs of healthcare!
tekedge
50%
50%
tekedge,
User Rank: Moderator
8/27/2014 | 6:35:08 PM
Re: Interoperability is positive, but accurate patient ID is the linchpin
@Alison, sometimes it seems like a better option making the patient responsible for the data than organisations! But having said that there are lots of reasons that is not feasible in so many ways!
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Author
8/27/2014 | 5:27:56 PM
Re: Another Epic Government Fail to Screw Americans
Yes, exactly. Willfully ignoring security seems to happen less with PCI-regulated entities because there could be business-ending consequences. There rarely are, but at least the threat is there. HIPAA is like a guard dog with no teeth.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/27/2014 | 5:21:54 PM
Re: Interoperability is positive, but accurate patient ID is the linchpin
I agree completely with this approach. With the huge infiltration of smartphones today, might this approach actually work best? You'd think we could all carry our health information with us (I know, it's been tried!), making patients responsible for data, instead of organizations. 
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/27/2014 | 5:20:00 PM
Re: Another Epic Government Fail to Screw Americans
I don't even know whether ACA is part of this any more. Data is good business, whether or not people are insured or not, whether Meaningful Use 2 or 8 is in effect, or whether CPOE is rule of law or voluntary (in which case, most likely nobody would do it!). But I totally agree with you, Lorna, regarding compliance vs. penalties. What continues to stick out regarding the Community Health Systems breach is that the company's stock rose after the news broke. Sure, it dropped a bit a couple of days later, but who knows whether the breach had anything to do with that downward movement? Just as we saw BoA pay a big penalty it can mostly or totally write off on its taxes and no one got jail time (many years after the financial crash it helped cause), relatively toothless HIPAA penalties won't do much to protect data or privacy. 
Thomas Claburn
IW Pick
100%
0%
Thomas Claburn,
User Rank: Author
8/27/2014 | 4:36:59 PM
Re: Interoperability is positive, but accurate patient ID is the linchpin
The whole idea of a central health database should be turned on its head. Patients should have the infrastructure to make their data accessible to relevant parties upon request and to do so in a way that does not compromise their privacy.
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Author
8/27/2014 | 3:38:24 PM
Re: Another Epic Government Fail to Screw Americans
If you ask an HC CIO why they don't fully follow HIPAA rules, and they're in a truth-telling mood, they'll say that it's because it's much, much less expensive to pay the fines than to implement the programs to comply with the letter and spirit of the law. That's human, and corporate, nature. Unless regulators have the manpower and legal authority to inflict real pain on entities that fail to secure PII well, security will be spotty.

And again, this goes back to the worldview that the ACA should be scrapped, even that governance in and of itself is bad and should be shrunken until of drownable size. Putting someone with that opinion in charge of deciding whether to take steps and allocate funds to make the law work is folly, most especially given the role of money in politics. 
Alison_Diana
100%
0%
Alison_Diana,
User Rank: Author
8/27/2014 | 3:09:47 PM
Re: Interoperability is positive, but accurate patient ID is the linchpin
Thanks for the updated information, M2SYS. I had been talking to the IT director at a hospital at the time, hence the clinician example. Obviously if a system's for use by patients, gloves aren't an issue -- and healthcare providers can use less expensive, less sensitive systems. Good to know there are systems that do offer providers more sensitivity. Time is so important to clinicians; saving a few seconds per patient adds up, and biometrics offers healthcare providers a way to shave off time -- improving care and security.
M2SYS
50%
50%
M2SYS,
User Rank: Apprentice
8/27/2014 | 3:05:36 PM
Re: Interoperability is positive, but accurate patient ID is the linchpin
Alison - the sophistication of fingerprint readers has advanced to the point where some are able to read fingerprints even when an end user is wearing latex gloves. Not all fingerprint providers can boast this, but the more savvy ones have built devices that are more practical for Dr's and nurses to use in a clinical setting where wearing gloves is mandatory. Usually though, these deployments of biometrics are for medication access, or single sign on applications to log into a hospital EHR database, or any database that contains PHI for that matter.

For patient identification, fingerprints are an option but when presented with the hardware modality options, most healthcare orgs choose something like palm vein or iris recogniton due to the fact that they don't rely on skin integrity (which fingerprint does, and may inadvertently exclude a percentage of the patient population from eligiblity) to identify a patient and some (iris) are non-contact which supports hospital infection control protocols.

So it's important to distinguish the use of biometrics for clinicians to access medicine or a medical database vs. biometrics for patient identification, but as you point out, the use of biometrics for both capacities is certainly rising in the industry. 

 
<<   <   Page 3 / 6   >   >>
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Nov. 10, 2014
Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.