Healthcare // Electronic Health Records
News
8/26/2014
02:50 PM
Connect Directly
RSS
E-Mail
50%
50%

National Health Database: Good Medicine Or Privacy Nightmare?

State health information exchanges could eventually pool patient data into a vast national database, but privacy advocates have significant concerns.

Healthcare IT Cloud Safety: 5 Basics
Healthcare IT Cloud Safety: 5 Basics
(Click image for larger view and slideshow.)

State health information exchanges could one day connect, compiling patient data into a vast national database.

Such a centralized repository of information won't necessarily result from a request for proposal and years of integration work. Rather, it's probably starting right now, as states create health information exchanges that ultimately will connect, allowing professionals from throughout the country to access records regardless of location or insurance plan.

Advocates argue that creating a centralized storage center makes sense medically. Patients located on the West Coast, for example, could get treatment from specialists in Boston, assured that clinicians can access their complete and current healthcare information. Patients would no longer spend hours completing duplicate forms for each individual clinician since every provider's office could access all patient records. Risks and costs would drop as test results and other medical information become available nationally.

[Has your organization taken these steps to bolstering security? See 10 Ways To Strengthen Healthcare Security.]

Earlier this year the Office of the National Coordinator (ONC) for Health Information Technology (HIT) unveiled its 10-year interoperability plan, which aims to improve care, cut costs, and enhance patient engagement by enabling government agencies to access patient data from a broader spectrum of providers.

"There is no better time than now to renew our focus on a nationwide, interoperable health IT infrastructure -- one in which all individuals, their families, and their healthcare providers have appropriate access to health information that facilitates informed decision-making, supports coordinated health management, allows patients to be active partners in their health and care, and improves the overall health of our population" the report says.

Access to patients' records regardless of their hometown or primary physician would reduce the number of accidental deaths related to medical errors, said Stephen Cobb, senior security researcher at ESET North America. In 2013, between 210,000 and 400,000 patients in the US died as a result of medical errors, according to the Journal of Patient Safety, with serious harm 10 to 20 times more likely to occur than lethal harm.

"If we had better... access to data, we could solve these [problems]," Cobb said. "Imagine if you were able to [swipe] an unconscious person's fingerprints and pull up the person's records to find they're allergic to latex or penicillin."

On the other hand, the Citizens' Council for Health Freedom argues that centralizing the nation's patient records is dangerous and intrusive. EMR benefits are negligible and unproven, countered Twila Brase, the organization's president and co-founder, and the risks far outweigh any rewards.

"Our government is funneling billions of dollars into systems that will dump all of our private medical records into one giant hub -- accessible by many," Brase said. "The government is touting these procedures as ways to streamline patient care, but they're actually an attempt to capture and store Americans' private medical data and share it with agencies that have nothing to do with health care."

Critics of a national health database worry about where this data will be stored, how it will be used, and who will have access to the information. Despite laws that protect individuals from discrimination due to medical condition, and insurers' inability to ban coverage because of prior medical conditions, skeptics of a nationwide health database fear misuse, abuse, and theft of these personal records. They suspect companies will profit

Alison Diana has written about technology and business for more than 20 years. She was editor, contributors, at Internet Evolution; editor-in-chief of 21st Century IT; and managing editor, sections, at CRN. She has also written for eWeek, Baseline Magazine, Redmond Channel ... View Full Bio

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 6   >   >>
progman2000
50%
50%
progman2000,
User Rank: Moderator
8/28/2014 | 7:57:06 PM
Re: Sounds like a fairy tale more than a nightmare
Slightly off topic, but I once interviewed someone for a technical position in my company, which writes software for hospitals.  This candidate was an intern from Germany in the US working for a large EMR.  I was explaining to him how our software collects all of the information from the patient at registration (insurance cards, driver license, etc).  He kept looking at me like I had three heads and when I was done told me in Germany they just go into a hospital with their ID card which has their info barcoded on since their healthcare is run by the government.  It was eye opening for both of us.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/28/2014 | 2:23:54 PM
Re: Interoperability is positive, but accurate patient ID is the linchpin
I'm excited about patient use of biometrics and would love to know if any developers or providers are piloting this approach. Sure, it won't be 100% accurate or safe; nothing is! But what a big step forward this could be and what a simple, cost-effective way to improve security without adding onerous complexity. I'd love that option for a patient portal. It would definitely encourage me to access it and improve my comfort level with the security.
Alison_Diana
IW Pick
100%
0%
Alison_Diana,
User Rank: Author
8/28/2014 | 2:20:45 PM
Re: Another Epic Government Fail to Screw Americans
Those are great points, Susan. Tackling the first, I wholeheartedly agree that there's a huge difference between doing something because you have to and doing something because it's integral to your being, to your corporate philosophy, and to the way you think about your customers -- or, in healthcare's case, patients. It's also how you think about employees. After all, the same tools, technologies, and processes that protect (or don't) your customers protect your employee data. And that might not be good. When talking to a CISO/CSO who really gets how vital security is to an operation, who is viewed as key to the c-suite, you see the value s/he (usually he) provides. One reason: That exec educates other c-levels and board members about why security is vital, about the carrot/stick, and how it requires everything from ongoing education to technologies.

Regarding your second point, JP Morgan obviously is not spending enough on security -- and it is a relatively tiny amount of money, relative to the huge earnings it boasts. I am for small government, in general, and would never argue for regulations demanding a set percentage of spending on security. But you'd certainly hope some board members would be savvy enough to recognize that's nowhere near enough. Until shareholders and board members are held liable -- especially if they are on record blocking CSO/CIO recommendations for X tech or Y process -- then fines against the company, which invariably get passed along to consumers, won't do a thing. We really need bigger, sharper teeth that - like Sarbanes-Oxley - put people's names, not company names, on the line.

 

 

 
Susan_Nunziata
50%
50%
Susan_Nunziata,
User Rank: Strategist
8/28/2014 | 1:54:37 PM
Re: Interoperability is positive, but accurate patient ID is the linchpin
@M2SYS: Thanks for bringing up something I hadn't considerd -- two very different applicaitons for biometrics there. As patients themselves increasingly use elecronic health records, Biometrics could be an added tool in keeping patient data secure, especially since some smartpones now incorporate fingerprint readers as part of the authentication process.

Has the use of biometrics been effective in the clinical uses you've cited? Are you aware of cases in which the wrong playeres were able to gain access even with the biometrics in place.
Susan_Nunziata
50%
50%
Susan_Nunziata,
User Rank: Strategist
8/28/2014 | 1:44:47 PM
Re: Another Epic Government Fail to Screw Americans
@Alison: It seems to me that the response to customers is designed to merely meet what is required by legisltation, as opposed to really keeping the best interests of the customers in mind. What shocked me the most about today's bank breach news is this statement in a Bloomberg News article: JPMorgan Chase spends about $200 million each year to protect itself from cyber attacks, Chief Executive Officer Jamie Dimon wrote in a April 2013 letter to shareholders.

For a financial institution that earns billions dealing with our $$, doesn't $200 million a year seem like an awfully small amount to spend on security?

And, if a bank is only spending that much, how much can we possible expect healthcare providers or for-profit health insurance companies to spend?
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/28/2014 | 9:48:03 AM
Re: Good medicine or privacy nightmare!
Why will big data cause healthcare costs to go up, @tekedge? Is it because some patients might not tell doctors the truth or may not disclose everything, fearful that some factor could end up in their "permanent record"? I see that point; as consumers get more educated about how permanent and far-reaching everything they tell their doctors is becoming, they could well become more leery of admitting to that extra glass of wine, that occasional marijuana use, or that tendency to eat six bowls of ice cream on Sundays.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/28/2014 | 9:45:35 AM
Re: Another Epic Government Fail to Screw Americans
Unfortunately I think you're right. Just this morning we heard about the breach at JP Morgan (and other banks). For one, I was furious that the "other banks" were yet to be named. For another, we have to rely on JP Morgan assuring us that everything's fine. Well, somehow that's not really too comforting. And just yesterday -- more than a week after it went public and more than a month after it knew about the breach -- Community Health Systems began notifying affected patients. There's a real disconnect here.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/28/2014 | 9:43:32 AM
Re: hours?
It's cumulative, @Joe. If you see multiple doctors and go for multiple tests in one year, you do spend hours filling out forms. And if you have kids, then double (or more) that time. So yes, figure about 15-20 minutes per doctor and that time quickly adds up if you unfortunately have to see more than one or two new physicians, test centers, or specialists per year.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
8/28/2014 | 9:41:44 AM
Re: Good medicine or privacy nightmare!
I think many organizations that use or create big data have integrity. My personal fear is the start of the big-data brokers, companies that simply vacuum up health information for packaging and resale. As we see that business model flourish, there'll be more line-fudging, more intermingling of other data (read consumer shopping and demographics), IMHO, and that could lead to more easily identifiable information floating around. That, at least, is what bothers me. That's why I want more oversight on de-identification and anonymization of data and usage. That's just my personal opinion, not a particularly scientific one!
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
8/27/2014 | 11:52:44 PM
Re: Another Epic Government Fail to Screw Americans
I think data breaches have attracted so many headlines these days -- and have become so (unfortunately) common -- that data breaches don't even have that much effect on a company's stock any more unless the breach is especially significant (think Target or Adobe levels).
<<   <   Page 2 / 6   >   >>
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest Septermber 17, 2014
It doesn't matter whether your e-commerce D-Day is Black Friday, tax day, or some random Thursday when a post goes viral. Your websites need to be ready.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.