Electronic Records, Private Lives
Audits Welcome? continued...
"Sharing personal medical and health information across the Internet
requires a certain leap of faith -- or at least a strong sense of privacy and
trust," acknowledge the authors of a Pew Internet and American Life Project
report on health information online. Asked whether he would ever share health
information with someone he "met" online, one respondent to a Pew
survey replied, "ABSOLUTELY NOT. I wouldn't dare. You don't know who you
are talking to."
What's to stop a hacker from breaking into one of these systems to steal
personal information (such as social security numbers or other personal data)?
And even if you've got a system that's harder to break into electronically than
it is to get into Fort Knox with a pick and shovel, how do you know who's been
looking at your private information?
"I think it's important to understand that with a paper record, you have
no idea who's looking at your record," says Daniel Z. Sands, MD, MPH,
professor of medicine at Harvard Medical School, and clinical systems
integration architect at Beth Israel Deaconess Medical Center in Boston.
"With an electronic record, you can have an audit trail of who's looking
at your record, and I think that's very important. There is certainly some risk
to having electronic records, and perhaps because they're more accessible,
there's more of a risk than with paper records," Sands tells WebMD.
"That being said, nobody has ever died from the inappropriate release of
a medical record, but plenty of people have died because people couldn't get
access to that information. I think we need to strike a balance between the
security and protection of that information and the access to the
Many people willingly share some of their most sensitive personal
information with web-based merchants, such as credit card numbers and
expiration dates, bank accounts, buying preferences, addresses, phone numbers,
and even social security data. Why shouldn't medical information be similarly
available, as long as the patient can control access to that information?
"I meet people who are terribly afraid of all the potential," says
Steven Schwaitzberg, MD, director of the Minimally Invasive Surgery Center at
Tufts-New England and Associate professor of surgery at Tufts University School
of Medicine in Boston. "They're very afraid of the intrusion on their
privacy and demand control of the information."