April 3, 2000 (Washington) -- How's this for the future: Health care is tracked and coordinated through your own personal "smart card" that allows physicians anywhere in the world to access your medical record. Now flip the coin -- criminals electronically impersonate doctors to obtain and distribute drugs. Or worse.
Welcome to the e-health frontier.
Raymond Kammer, director of the National Institute of Standards and Technology (NIST), tells WebMD that in a perfect health care world, if you get sick out of town or out of the country, your smart card will allow "you [to] put your thumb up against a screen" for identification and then "all of your personal medical data is now available to [that] physician."
In the real world, there have been impressive advances. West Virginia's Charleston Area Medical Center now has a teleradiology network that can make links 24 hours a day, seven days a week between rural areas and board-certified radiologists. That has meant reducing the time it takes radiologists to read a patient's X-ray and send back an interpretation from about 10 hours to 15 minutes, in some cases. The network allows patients to stay closer to home during treatment, Kammer says, and "reduces the number of transfers and repeat exams required." The program is planning to expand to include cardiology and oncology services.
But there's a bit of a rub, which the House technology subcommittee examined in a hearing today. There aren't yet clear standards to make sure that this information is actually secure, or to prove the identity of the doctor and patient at each end of an electronic communication.
According to Lewis Lorton, acting administrator of the industry group Forum on Privacy and Security in Healthcare, there are some 1,600 health information technology firms, but "no underlying industry standard security requirements for their products."
The streets of the nation's capital are literally being torn up for fiber optic cables, and national demand has never been higher for Internet-based and other high-tech information systems. In health care, the money and time savings offered by these advances in information technology are enticing. About 20% of the nation's $1.1 trillion annual medical spending is paperwork-related, and the committee cited estimates that "health care providers spend nearly half of their time filling out forms rather than attending to additional patients."
Final federal privacy rules expected later this year will set new protections for personal medical information that is transmitted electronically. But the rules will not set security standards to prove that high-tech information systems preserve privacy.
That raises some troubling possibilities. Testimony from Gregory Hedges, an Arthur Andersen technology risk consultant, recalls that a "dot com" music retailer recently had 500,000 credit card numbers stolen from its system. "If 500,000 medical records were stolen ... and that information was disclosed to the public, it would forever be publicly known and potentially abused no matter how much money was used to try to correct the problem."