Yonkers N.Y., - An investigation in the March 2006 issue of Consumer Reports magazine contends that a national system of Electronic Health Records (EHRs) being developed by the federal government, states, HMOs, and PPOs to link the medical records of every American has potential for abuse. Consumer Reports claims that while such electronic medical records systems could save lives and billions of dollars in health-care spending, it may also jeopardize the security of personal health care information.The advantages of EHRs are many, according to Consumer Reports, include: more precise patient care from doctors, greater participation by patients, and an early-warning system for medical disasters such as the appearance of avian flu are among the hoped-for achievements for an electronic medical records network.
Another is the potential savings in health-care spending of $77 billion annually, according to the RAND Corp., if 90% of doctors and hospitals adopt the system. Much of the savings would come from shorter hospital stays prompted by better-coordinated care and fewer redundant tests and procedures. Fewer prescription errors, another benefit of computerized systems' warning doctors and pharmacists of potential adverse drug reactions, could save an additional $4 billion.
The potential benefits have spurred many state government agencies, hospital chains, and health-care providers to develop their own electronic records systems. But troubling questions come with the promises, according to Consumer Reports: How will the system be safeguarded from marketers, fund-raisers, or potential employers? Could computer hackers release the information onto the Internet for everyone to see? How will patients be able to control access to or find out who has viewed their medical records?
Consumer Reports states that in absence of safeguards, marketers could use electronic medical records to sell patients new drugs to treat their illnesses; fund-raisers could target those newly diagnosed of a disease and encourage them to contribute to their cause. Lenders and employers could also use such information to disqualify people with health problems from obtaining loans and jobs.
In addition, privacy advocates worry that the sharing of health information allowed under Health Insurance Portability and Accountability Act (HIPAA) could allow insurers to share data with their affiliates, such as a bank doing health-care consulting, or a potential employer, according to Consumer Reports.
Corporations acquiring a pharmacy group or insurance company, or a data warehouse sharing consumer information with drug-makers looking to improve marketing are not sufficiently regulated by HIPAA law, the article states. That information may include name, diagnosis code, and how much a patient paid, which could be enough to derail the prospects of a loan, mortgage, or job. According Consumer Reports, it would be impossible to prove medical information was shared since HIPAA does not require a disclosure audit.
Of course, advocates of Electronic Health Records say the system will have the tightest possible security. But recent large-scale thefts of credit card and banking information put those claims into question. And electronic medical records systems now in operation have already sprung some serious security leaks, the article notes. For example, in 2003, a medical transcriptionist in Pakistan threatened to post patient records from the University of California San Francisco's Medical Center on the Internet unless she was paid for her work for a transcription service company hired by the university. The dispute was resolved but patients had no idea their records were being sent overseas.
In another breach, two computers that held a disc containing the confidential records of close to 200,000 patients of a medical group in San Jose, California, were posted for sale on Craigslist.org. The FBI recovered the information and the medical group informed current and former patients of the theft.
Source: Consumer Reports
