Electronic Records, Private Lives
Audits Welcome? continued...
What's to stop a hacker from breaking into one of these systems to steal
personal information (such as social security numbers or other personal data)?
And even if you've got a system that's harder to break into electronically than
it is to get into Fort Knox with a pick and shovel, how do you know who's been
looking at your private information?
"I think it's important to understand that with a paper record, you have
no idea who's looking at your record," says Daniel Z. Sands, MD, MPH,
professor of medicine at Harvard Medical School, and clinical systems
integration architect at Beth Israel Deaconess Medical Center in Boston.
"With an electronic record, you can have an audit trail of who's looking
at your record, and I think that's very important. There is certainly some risk
to having electronic records, and perhaps because they're more accessible,
there's more of a risk than with paper records," Sands tells WebMD.
"That being said, nobody has ever died from the inappropriate release of
a medical record, but plenty of people have died because people couldn't get
access to that information. I think we need to strike a balance between the
security and protection of that information and the access to the
Many people willingly share some of their most sensitive personal
information with web-based merchants, such as credit card numbers and
expiration dates, bank accounts, buying preferences, addresses, phone numbers,
and even social security data. Why shouldn't medical information be similarly
available, as long as the patient can control access to that information?
"I meet people who are terribly afraid of all the potential," says
Steven Schwaitzberg, MD, director of the Minimally Invasive Surgery Center at
Tufts-New England and Associate professor of surgery at Tufts University School
of Medicine in Boston. "They're very afraid of the intrusion on their
privacy and demand control of the information."
He points to developments such as so-called radio frequency identification,
or RFID technology, currently under development at MIT and other technology
centers, in which minuscule radio-transmitting chips can be buried in
everything from goods on the supermarket shelf to the clothing on your back. A
similar type of technology, using retinal scans, was featured in the Stephen
Spielberg sci-fi thriller Minority Report.
"RFID really could improve communication dramatically, but people are
afraid of being tagged and watched and being countable," Schwaitzberg tells
Still, he says, "millions of Americans are buying something online right
now. Americans seem to be happy to give up information about themselves, and
yet there is a very stalwart group of people who are very concerned."
Schwaitzberg and others who advocate online health records say many of those
fears could be allayed by a well-designed system with checks and balances. For
example, patients could use a personal identification number, or PIN code, to
get access to an electronic medical record, sharing it with doctors or other
health-care providers who need the information, and then changing the code to
ensure privacy when necessary.
That way, someone who becomes injured or sick while traveling could grant
instant access to health records by local doctors.
A bigger barrier to the flow of information, Schwaitzberg says, is the
current hodgepodge of incompatible information systems, many of which are
designed for use only in a specific hospital or group of health centers.